Publications

We are continously writing papers, manuals and specifications, hence this page is not conclusive.

Specifications

S. Josefsson, N. Williams, Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family, RFC 5801, July 2010. More information.
S. Josefsson, Extended Kerberos Version 5 Key Distribution Center (KDC) Exchanges over TCP, RFC 5021, August 2007. More information.
S. Josefsson, Storing Certificates in the Domain Name System, RFC 4398, March 2006. More information.
S. Josefsson, Domain Name System Uniform Resource Identifiers, RFC 4501, May 2006. More information.
S. Josefsson, The OpenPGP mail and news header, January 2005. More information.
S. Josefsson, Domain Name System Media Types, RFC 4027, April 2005. More information.
S. Josefsson, The Base16, Base32, and Base64 Data Encodings, RFC 3548 (July 2003) and RFC 4648 (October 2006). Some related works for this document, and my implementation.
H. Andersson, S. Josefsson, G. Zorn, B. Aboba, Protected Extensible Authentication Protocol (PEAP), October 2001.
H. Andersson, S. Josefsson, Protecting EAP with TLS (EAP-TLS-EAP), August 2001.
S. Josefsson, Authenticating denial of existence in DNS with minimum disclosure (or; An alternative to DNSSEC NXT records), July 2000. Updated WG version. See also NSEC3, which is a more recent attempt to standardize the same idea.

Presentations

Universal 2nd Factor, FOSDEM, February 2015.
TLS attacks and stream ciphers, February 2013.
YubiKey, OATH & YubiHSM, January 2012.
YubiKey & YubiHSM, June 2011, Passwords¹¹.
GNU Network Security Labyrinth, FOSDEM, February 2011, FOSDEM 2011.
Autobuild Status Update, GNU Hackers Meeting, July 2010, GHM 2010 Den Haag.
YubiKey - Technology briefing, April 2010, Lysator UppLYSning.
GNU Code Quality Project, GNU Hackers Meeting, November 2009, GHM 2009 Gothenburg.
Introduction to GnuTLS, February 2009, FOSDEM.
Security in the Open Source Process, October 2008, OWASP Sweden Chapter Meeting.
OpenID - Protocol and Security, October 2008, OpenSourceDays.
OpenID - Single Sign On for the Web, April 2008, GoOpen.
Introducing OpenID, December 2007, FSCONS. Also held January 2008 for NUUG.
How to work with GnuTLS, December 2007, FSCONS.

Other documents

S. Josefsson, Linksys WRT54G3G with OpenWRT Kamikaze using Huawei E600 and Tele2/Comviq, July 2007.
S. Josefsson, Installation of Libgpg-error, Libgcrypt, GnuTLS and GSASL under uClinux, June 2007.
S. Josefsson, On Active Attacks to Kerberos Telnet, August 2001. As PDF.
S. Josefsson, Network Application Security Using The Domain Name System, master’s thesis, December 2001. More information.

Software Manuals

S. Josefsson, LibIDN Manual. As PDF.
S. Josefsson, GNU SASL Manual. As PDF.
S. Josefsson, Shishi Manual. As PDF.
N. Mavrogiannopoulos, S. Josefsson, GNU TLS Manual. As PDF.
S. Josefsson, A. Schroeder, Manual for Emacs smtpmail.el. As PDF.
S. Josefsson, Emacs Sieve Manual. As PDF. More information.