Autonomous Servers Security Protocols
version 0.0.0
These protocols are a set of common practices designed to ensure the privacy and security of our users.
We are autonomist and revolutionary tech collectives which work to provide freedom of communication to liberatory social movements.
- StartTLS: use STARTTLS with verified certificates when connecting to other ASSP providers.
- IPs in headers: the user's home IP address should not appear in any email headers.
- Secure connections: Connections between the server and the user may be encrypted.
- (optional) The connection between the server and the user MUST be encrypted.
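As an added illustration of the two mail rules above (this is example code written for this page, not part of these protocols and not taken from any ASSP provider's setup): a Python sketch that rewrites the Received: header our own submission service adds, so the user's home IP never leaves the server, and that builds the TLS context used when relaying to other providers with certificate verification switched on. The hostname mail.collective.example, the two sample messages and the use of the ESMTPSA keyword to recognise an authenticated submission are constructed assumptions; in production the header rewrite would live in the MTA or a milter rather than in a script.

```python
import smtplib
import ssl
from typing import List, Tuple

# Assumed name of our own submission server (constructed for this example).
OUR_HOSTNAME = "mail.collective.example"

# Constructed sample: the first Received: header our submission service writes
# for a user sending from home. The bracketed address is the user's home IP.
SUBMITTED = (
    "Received: from laptop (cpe-203-0-113-7.isp.example [203.0.113.7])\n"
    "\tby mail.collective.example (Postfix) with ESMTPSA id 4F2C1;\n"
    "\tMon, 1 Jan 2024 10:00:00 +0000\n"
    "From: user@collective.example\n"
    "To: friend@other.example\n"
    "Subject: hello\n"
    "\n"
    "body\n"
)

# Constructed sample of a message another server relayed to us: its Received:
# header names that server, not a user, and must be left alone.
RELAYED = (
    "Received: from mx.other.example (mx.other.example [198.51.100.9])\n"
    "\tby mail.collective.example (Postfix) with ESMTPS id 7A1B2;\n"
    "\tMon, 1 Jan 2024 10:05:00 +0000\n"
    "From: friend@other.example\n"
    "To: user@collective.example\n"
    "\n"
    "hi\n"
)


def split_message(raw: str) -> Tuple[List[str], str]:
    """Split raw RFC 5322 text into header fields and body. Continuation
    lines (leading space or tab) stay attached to the field they belong to."""
    head, _, body = raw.partition("\n\n")
    fields: List[str] = []
    for line in head.split("\n"):
        if line[:1] in (" ", "\t") and fields:
            fields[-1] += "\n" + line
        else:
            fields.append(line)
    return fields, body


def strip_submission_ip(raw: str) -> str:
    """Replace the Received: header our own submission service wrote with one
    that records only that the message arrived over an authenticated session.

    Only the first Received: field is ours, and only when it carries ESMTPSA
    (SMTP over TLS with SASL authentication), i.e. a user submitting mail.
    Relay hops written by other servers are untouched, so the path stays
    auditable.
    """
    fields, body = split_message(raw)
    for i, field in enumerate(fields):
        if not field.lower().startswith("received:"):
            continue
        if "ESMTPSA" in field:
            fields[i] = f"Received: by {OUR_HOSTNAME} with ESMTPSA (authenticated user)"
        break  # only the first Received: field is ours
    return "\n".join(fields) + "\n\n" + body


def outbound_starttls_context() -> ssl.SSLContext:
    """TLS settings for talking to other providers: the peer certificate must
    chain to a trusted CA and match the hostname we dialled, so a substituted
    certificate fails loudly instead of the mail going out anyway."""
    ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def verifies_peer(ctx: ssl.SSLContext) -> bool:
    """True when the context both requires a certificate and checks the name."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def relay_with_verified_starttls(host: str, sender: str, recipient: str, raw: str) -> None:
    """Deliver to another provider. smtplib raises if STARTTLS is not offered
    (SMTPNotSupportedError) or the certificate does not verify (SSLError), so
    there is no silent fallback to cleartext."""
    with smtplib.SMTP(host, 25, timeout=30) as smtp:
        smtp.ehlo()
        smtp.starttls(context=outbound_starttls_context())
        smtp.ehlo()
        smtp.sendmail(sender, recipient, strip_submission_ip(raw))
```

The rewrite keys on the ESMTPSA keyword because it is the one marker that separates a user's submission from a relay hop; a message that came in from another server keeps every Received: line it arrived with. Whether to fall back to cleartext when a peer offers no STARTTLS is the policy choice the bullets above leave open; the function as written refuses.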
Webmail
- Session cookies: all session identifiers must be carried in cookies. Session IDs must never appear in the URL.
- Secure connections: Connections between the server and the user may be encrypted.
- (optional) The connection between the server and the user MUST be encrypted.
- (optional) Patches: webmail is patched to prevent session fixation attacks.
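An added example for the three webmail rules above (illustrative code written for this page, not taken from any webmail package): a minimal server-side session store that resolves a request's session from its cookie only, regenerates the session id on successful login so a pre-planted id never becomes an authenticated session (the session fixation case the patches bullet refers to), and emits a cookie carrying the Secure, HttpOnly and SameSite attributes. The cookie name webmail_sid and the store's design are assumptions.

```python
import secrets
from typing import Dict, Optional
from urllib.parse import parse_qs, urlsplit

# Constructed cookie name; not the name any particular webmail uses.
SESSION_COOKIE = "webmail_sid"


class Session:
    """Server-side session state. The browser only ever holds the random id."""

    def __init__(self, user: Optional[str] = None) -> None:
        self.user = user
        self.authenticated = user is not None


class SessionStore:
    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def new_anonymous(self) -> str:
        """Pre-login session, e.g. to bind a CSRF token to the login form."""
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = Session()
        return sid

    def get(self, sid: str) -> Optional[Session]:
        return self._sessions.get(sid)

    def session_from_request(self, cookies: Dict[str, str], url: str) -> Optional[Session]:
        """Resolve the session from the cookie jar only. The URL is accepted
        as a parameter precisely so it is visibly ignored: a session id in a
        query string is never honoured, even when it names a live session,
        because honouring it is what makes fixation links and Referer leaks
        work."""
        sid = cookies.get(SESSION_COOKIE)
        if sid is None:
            return None
        return self._sessions.get(sid)

    def login(self, old_sid: Optional[str], user: str, credentials_ok: bool) -> Optional[str]:
        """Return the session id the response should set.

        On success the pre-login id is destroyed and a fresh one issued, so an
        id an attacker planted in the victim's browser before login is
        worthless afterwards. On failure the old id is kept as it was.
        """
        if not credentials_ok:
            return old_sid
        if old_sid is not None:
            self._sessions.pop(old_sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = Session(user=user)
        return new_sid

    def logout(self, sid: str) -> None:
        """Invalidate server-side; clearing the cookie alone is not enough."""
        self._sessions.pop(sid, None)


def session_id_in_url(url: str) -> bool:
    """True when the session cookie's name shows up as a query parameter:
    worth logging as a fixation attempt, never worth acting on."""
    return SESSION_COOKIE in parse_qs(urlsplit(url).query)


def set_cookie_header(sid: str) -> str:
    """Value for the Set-Cookie header: Secure (sent over TLS only), HttpOnly
    (no script access), SameSite=Lax (not sent with cross-site POSTs) and no
    Expires, so it is a session cookie that dies with the browser."""
    return f"{SESSION_COOKIE}={sid}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    store = SessionStore()
    before = store.new_anonymous()
    after = store.login(before, "alice", credentials_ok=True)
    print("Set-Cookie:", set_cookie_header(after))
    print("old id still valid:", store.get(before) is not None)
```

Note that the Secure attribute only has teeth when the optional "MUST be encrypted" rule above is in force; over plain HTTP the browser will not send the cookie at all, which is the correct failure.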
Hosting
- Secure connections: sftp or ssh connections only.
Certificates and SSL
- Private Keys: the private keys of certificates must be stored offsite or on encrypted partitions.
- Strong crypto: here is a list of acceptable ciphers: <To be determined>. For example, in Apache mod_ssl syntax: SSLCipherSuite HIGH:-SSLv2:-RSA
- Certificate authority: our server certificates come from one of these certificate authorities, and we validate other servers' certificates against these authorities:
- cacert.org
- ??????
Filesystems and Storage
- Swap: swap must be encrypted, using either dm-crypt or loop-AES.
- System data:
- (optional) User data: all user data stored on encrypted partitions (or otherwise encrypted). This includes email, databases, list archives, etc.
Logging
- Logs with user identifiable information must be stored encrypted.
- (optional) No identifiable user information in logs. When turned on temporarily in order to detect attacks or abuse, logs should be held in memory or on encrypted partitions.
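An added example for the two logging rules above (example code written for this page, not part of these protocols): a pseudonymizer that replaces IP addresses and e-mail addresses in log lines with keyed HMAC tags before the line is written anywhere. The key is generated in process memory and never stored, and can be rotated, so pseudonyms stay consistent long enough to spot abuse coming from one source but cannot be linked back to a user once the key is gone. The key handling, the tag format and the sample log lines are constructed assumptions; reverse-DNS hostnames are also identifying and are deliberately left to a separate rule here.

```python
import hashlib
import hmac
import ipaddress
import re
import secrets
from typing import List, Optional

# Anything made of hex digits, dots and colons is a candidate address; each
# candidate is then validated with the ipaddress module, so timestamps such
# as 10:00:00 and queue ids such as 4F2C1 are left untouched.
ADDRESS_CANDIDATE = re.compile(r"[0-9A-Fa-f:.]{3,}")
EMAIL_ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample lines in the style of an MTA and a webmail log.
SAMPLE_LINES: List[str] = [
    "Jan  1 10:00:00 mail smtpd[123]: connect from cpe.isp.example[203.0.113.7]",
    "Jan  1 10:00:02 mail smtpd[123]: login ok sasl_username=alice@collective.example",
    "Jan  1 10:00:05 mail webmail: client [2001:db8::1] opened folder INBOX",
    "Jan  1 10:00:09 mail smtpd[124]: too many errors from 203.0.113.7:51234",
]


def _is_ip(text: str) -> bool:
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


class LogPseudonymizer:
    """Replaces user-identifying fields in log lines with keyed pseudonyms.

    The HMAC key lives only in this object (memory), never on disk, so the
    pseudonyms cannot be reversed once the process or the key is gone.
    """

    def __init__(self, key: Optional[bytes] = None) -> None:
        self._key = key if key is not None else secrets.token_bytes(32)

    def rotate(self) -> None:
        """Pick a fresh key (e.g. daily): earlier pseudonyms become unlinkable."""
        self._key = secrets.token_bytes(32)

    def _tag(self, kind: str, value: str) -> str:
        digest = hmac.new(self._key, value.encode("utf-8"), hashlib.sha256).hexdigest()
        return f"{kind}#{digest[:12]}"  # '#' keeps the tag out of ADDRESS_CANDIDATE

    def _scrub_candidate(self, match: "re.Match") -> str:
        token = match.group(0)
        core = token.rstrip(".:")  # keep sentence punctuation after an address
        trailing = token[len(core):]
        if _is_ip(core):
            return self._tag("ip", core) + trailing
        host, sep, port = core.rpartition(":")  # IPv4 with a port, e.g. 203.0.113.7:25
        if sep and port.isdigit() and _is_ip(host):
            return self._tag("ip", host) + sep + port + trailing
        return token

    def scrub(self, line: str) -> str:
        """E-mail addresses first, then anything that validates as an IP."""
        line = EMAIL_ADDRESS.sub(lambda m: self._tag("user", m.group(0)), line)
        return ADDRESS_CANDIDATE.sub(self._scrub_candidate, line)

    def scrub_lines(self, lines: List[str]) -> List[str]:
        return [self.scrub(line) for line in lines]


if __name__ == "__main__":
    scrubber = LogPseudonymizer()
    for scrubbed in scrubber.scrub_lines(SAMPLE_LINES):
        print(scrubbed)
```

Because the tag for a given address is stable until rotate() is called, a rate limiter or abuse detector can still count repeated connections from one source in the scrubbed output; the "temporarily turned on" raw logging the optional rule describes is then only needed for the cases the pseudonyms cannot answer.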
Users
- Shell sandbox: shell accounts for users only in vservers, separate boxes, or similar sandboxes. No end user should have a login on a server that provides sensitive services.