WvdS Doku - en:int:dbgway:entwickler:sicherheit

WvdS Doku - en:int:dbgway:entwickler:sicherheit https://www.wvds.it/wiki/ 2026-05-22T19:46:24+00:00 WvdS Doku https://www.wvds.it/wiki/ https://www.wvds.it/wiki/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2026-01-30T08:47:06+00:00 Anonymous (anonymous@undisclosed.example.com) 5.4 Ephemeral Certificates https://www.wvds.it/wiki/doku.php?id=en:int:dbgway:entwickler:sicherheit:ephemere-zertifikate&rev=1769762826&do=diff 5.4 Ephemeral Certificates Short-lived session certificates for enhanced security. Concept * Main certificate authenticates once * Server issues ephemeral certificate * Ephemeral certificate valid only for this session * Automatic rotation every X minutes text/html 2026-01-29T23:31:02+00:00 Anonymous (anonymous@undisclosed.example.com) 5. PQ Security https://www.wvds.it/wiki/doku.php?id=en:int:dbgway:entwickler:sicherheit:start&rev=1769729462&do=diff 5. PQ Security text/html 2026-01-30T08:47:04+00:00 Anonymous (anonymous@undisclosed.example.com) 5.2 TLS 1.3 with PQ Algorithms https://www.wvds.it/wiki/doku.php?id=en:int:dbgway:entwickler:sicherheit:tls-konfiguration&rev=1769762824&do=diff 5.2 TLS 1.3 with PQ Algorithms Configuration of transport encryption. Supported Algorithms Function Algorithm NIST Standard Key Exchange ML-KEM-768 FIPS 203 Signature ML-DSA-65 FIPS 204 Backup Signature SLH-DSA FIPS 205 TLS 1.3 Transport Layer Security 1.3 text/html 2026-01-29T23:31:08+00:00 Anonymous (anonymous@undisclosed.example.com) 5.1 PQ Security for Developers https://www.wvds.it/wiki/doku.php?id=en:int:dbgway:entwickler:sicherheit:uebersicht&rev=1769729468&do=diff 5.1 PQ Security for Developers Post-Quantum Cryptography in the Data Gateway. Architecture [Client + PQ Certificate] | TLS 1.3 (ML-KEM) [Proxy :443] | Named Pipe [Data Gateway API] | [Database] Zero Trust Model * No implicit trust * Every certificate is validated text/html 2026-01-30T08:47:08+00:00 Anonymous (anonymous@undisclosed.example.com) 5.3 Certificate Authentication https://www.wvds.it/wiki/doku.php?id=en:int:dbgway:entwickler:sicherheit:zertifikate&rev=1769762828&do=diff 5.3 Certificate Authentication Client identification via PQ certificates. Main Certificate The developer certificate is issued by the internal CA. # Request certificate openssl req -new -newkey ml-dsa-65 -keyout dev.key -out dev.csr # Send CSR to CA # After approval: receive dev.crt