David B. TempletonSetting up DNS over TLS on pfSenseDNS is a protocol woefully in need of confidentiality and integrity checks. The traditional service running over port 53 can be trivially…May 25, 20194May 25, 20194
David B. TempletonEnabling a Certificate Transparency TLS Extension in NginxCertificate transparency is the promise that, eventually, all certificate authorities commonly in root trust stores will publish logs of…Sep 4, 20171Sep 4, 20171
David B. TempletonTLS Configuration: Cipher Suites and ProtocolsThoughtfully setting the list of protocols and cipher suites that a HTTPS server uses is rare; most configurations out there are…Aug 3, 20173Aug 3, 20173
David B. TempletonSecuring PostgreSQL and MySQL remote connectionsWhen you connect to a remote host using MySQL or PostgreSQL tools (mysql, psql, mysqldump, pg_dump, etc.) over an untrusted network, you…Jul 18, 20161Jul 18, 20161