Check your RSA exponent (more features later) https://e3.tlsfun.de/ @tqbf @FiloSottile @matthew_d_green @ivanristic might be interested
-
-
Replying to @hanno
@hanno@FiloSottile@matthew_d_green@ivanristic Even if you blame e=3, not using it doesn’t help until EVERY CA stops using it.1 reply 0 retweets 1 like -
Replying to @tqbf
@tqbf@FiloSottile@matthew_d_green@ivanristic that's my point. we should try forcing everyone to stop using it4 replies 0 retweets 0 likes -
Replying to @hanno
@hanno@FiloSottile@matthew_d_green@ivanristic Can’t we just force the small number of RSA implementors not to parse RSA signature blocks?3 replies 0 retweets 0 likes -
Replying to @tqbf
@tqbf@hanno@FiloSottile@ivanristic Is the use of parsers due to support for weird old padding schemes?3 replies 0 retweets 0 likes -
Replying to @matthew_d_green
@matthew_d_green@hanno@FiloSottile@ivanristic It’s like some nerd saw ASN.1 and compulsively decided they had to parse it.1 reply 0 retweets 0 likes -
Replying to @tqbf
@tqbf@matthew_d_green@hanno@FiloSottile@ivanristic There's confusion around encoding hash AlgorithmIdentifier http://www.ietf.org/mail-archive/web/smime/current/msg11911.html …2 replies 0 retweets 1 like -
Replying to @trevp__
@trevp__@tqbf@matthew_d_green@hanno@FiloSottile@ivanristic The RFC is written poorly, as noted in section 7 of https://www.cdc.informatik.tu-darmstadt.de/reports/reports/sigflaw.pdf …1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@trevp__@tqbf@matthew_d_green@hanno@FiloSottile@ivanristic But looks mandatory in apndx c.3, (j) of rfc 32801 reply 0 retweets 0 likes
@ECCTLS @trevp__ @tqbf @matthew_d_green @hanno @FiloSottile @ivanristic Non-normative example of different construct w/ sig. (not hash) alg.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.