History: Tiki Suite Security
Preview of version: 16
Notes about security.
Beyond making sure each component is secure and updated, we need to make sure integrations are secure. For some groups there might also be further interest in SIP TLS and SRTP/zRTP for securing VoIP communications (FreeSwitch, Jitsi, Qutecom, Blink, SFL Phone support this). Likewise, LDAPS will definitely be needed when VPNs or NAT aren't possible between servers. Perhaps a challenge will be to manage keys and certificates for the organisation; ClearOS does provide such management interface for example.
ClearOS
Security add-ons
- http://www.zarafa.com/blog/post/2013/05/smime-z-push-signing-and-en-decrypting-emails-mobile-devices
- http://www.zarafa.com/integrations/zarafa-webaccess-smime-plugin
- https://www.enigmail.net/
Related links
- https://www.dnssec-tools.org/
- http://www.internetsociety.org/articles/dane-taking-tls-authentication-next-level-using-dnssec
- http://www.internetsociety.org/deploy360/blog/2013/12/want-to-quickly-create-a-tlsa-record-for-dane-dnssec/
- http://www.dwheeler.com/essays/easy-email-sec.html
- https://www.mailpile.is
- https://leap.se/en/home
- http://preyproject.com/
- https://securityinabox.org/en
- http://tracyreed.org/blog/2010/12/26/sip-brute-force-attacks
- http://code.google.com/p/sipvicious/
- OpenPGP