Jeremy Rowley

@GreatAmus

Product dude at DigiCert. These tweets are my own opinion and not the views of my employer. They also aren't very good tweets...unless you like PKI memes.

Vrijeme pridruživanja: travanj 2014.

Tweetovi

Blokirali ste korisnika/cu @GreatAmus

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @GreatAmus

  1. proslijedio/la je Tweet
    12. lip 2019.
    Odgovor korisnicima

    The validity period requirement only applies to leaf TLS server certs.

    Poništi
  2. proslijedio/la je Tweet
    12. lip 2019.
    Odgovor korisniku/ci

    No it doesn't. It only applies to certs used for TLS Server auth. I'd love to burn it all down, but I can't. Users can override SHA-1 failures as well.

    Poništi
  3. 12. lip 2019.

    Maybe a stretch, but I wanted to put the info out there, and I laughed at the GIF for a long time.

    Prikaži ovu nit
    Poništi
  4. 12. lip 2019.

    When Google announces it is removing the org name from the browser URL and were hoping for the green bar instead.

    Prikaži ovu nit
    Poništi
  5. 12. lip 2019.

    TBH, most of these 'changes' were predictable. I feel it's more like this for people who ignored the warning signs. For example, it was already in the Mozilla policy to verify domains. Google has already said they want shorter lived certs. And everyone wants to get rid of SHA1

    Poništi
  6. 12. lip 2019.

    I should have said "Especially when Mozilla clarifies that their policy prohibits delegation of email validation in SMIME"

    Prikaži ovu nit
    Poništi
  7. 12. lip 2019.

    Being a CA and watching all these new browser policies announced. Especially the changes to sMIME

    Prikaži ovu nit
    Poništi
  8. 12. lip 2019.

    Clarification: This applies to all certs, regardless of EKU. You can override trust for individual certs that are longer than 825 days, but not SHA1

    Prikaži ovu nit
    Poništi
  9. 12. lip 2019.

    Apple announcing no more support for private certs longer than 825 days and SHA1 certs

    Prikaži ovu nit
    Poništi
  10. 11. lip 2019.

    CAB Forum update 2: Me trying to slip identity updates past Ryan while he's looking elsewhere.

    Poništi
  11. 11. lip 2019.
    Prikaži ovu nit
    Poništi
  12. 11. lip 2019.

    CAB Forum summary so far: 1) It's good to see everyone 2) The Network Security group is still working on stuff 3) Reorganizing document structure will save us all

    Prikaži ovu nit
    Poništi
  13. 27. ožu 2019.

    I was watching Titans and was bothered that: 1) No one locks their computer ever. Billion dollar security but no locked computer policy. Maybe too realistic, 2) No one actually ages in 15 years. What is your secret Gotham?!

    Poništi
  14. proslijedio/la je Tweet
    7. kol 2018.

    RFC 8410 is published! It describes how to create x.509 certificates using curve25519 and curve448

    Poništi
  15. 1. kol 2018.

    Not mine, but I thought it was funny. Ballot 219 clarified that following the CAA RFC was the right way to check CAA records. Basically, you can't issue a cert if the CAA record doesn't specify you a s the CA.

    Poništi
  16. proslijedio/la je Tweet
    28. lip 2018.

    Some fixes, some news, some announcements. Read my blog to get the latest updates!

    Poništi
  17. 8. lip 2018.

    Nothing causes anxiety like traveling in Europe without a chip and pin card. Whether I can pay for something good is a roll of the dice.

    Poništi
  18. 7. lip 2018.

    The most interesting thing about this is the scope isn't limited to certs. If the CAB forum voted to write policy about how awful I smell after theoretically exercising, they could

    Prikaži ovu nit
    Poništi
  19. 7. lip 2018.

    5.3.1 allows groups consisting of issuers, consumers, or a combination of both.

    Prikaži ovu nit
    Poništi
  20. 7. lip 2018.

    Apparently (1.1 of the bylaws) the scope is to voluntary gather cert issuers and cert consumers. That leaves little guidance on what WGs should be created and not be created.

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·