Hand in system description and risk analysis, box images and source code

[keyctl]

The deadline for the hand-in is 21.11.2019. The document must be submitted via e-mail to sprenger@inf.ethz.ch.

This issue shall list all important tasks for the final hand-in. For any other concerns, please add a comment below so this list can be updated accordingly.

• [ ] Check if the document exceeds 30 pages
• [ ] Check the log for missing references.
• [ ] Check for duplicated words.
• [ ] Hide the section about intentional backdoors (set showbackdoors to false).
• [ ] Remove the hint about the page limitation.
• [ ] Check the spelling (e.g. using Grammarly).

[keyctl]

As far as the submission of the source is concerned: Since we already have to provide images, I'd only publish as many files as necessary to the other teams, since everything else would leak information about our development. That means, in the final submission, we should definitely remove the .git directory, and I'd even remove any other files that are used for our development purposes such as Vagrantfile and README.md.

[keyctl]

For releasing the box images, we need to adjust their state as described in #40.

[keyctl]

For hand in, do not forget to include the private SSH key for the user and the private backup key for Borg.

[Miro-H]

For hand in, do not forget to include the private SSH key for the user and the private backup key for Borg.

vagrant_share/key_store/iMovies_bkp_key.pem vagrant_share/sshkey_store/aslclient01/*

[keyctl]

Checklist for the USB stick (and Polybox).

• [x] VirtualBox images
• [ ] SETUP.md
• [ ] two private keys (mentioned above)
• [ ] the report
• [ ] source code of WebServer and CertServer, with backdoor code removed (!) this includes removing the appropriate config sections from the ASP.NET Core projects (WebServer.csproj and CertServer.csproj)
• [ ] manually obtained CA admin certificate (automatic script was failing intermittently)