Going to be interesting to see how rotten (or not) the CA ecosystem is after Certificate Transparency is mandatory for all certificates. April 30th deadline won't demonstrate much since certificates can be backdated to bypass it. Presumably becomes fully mandatory in ~2 years?
-
-
Replying to @CopperheadOS @halvarflake
Not mandatory for _all_ certs. Just those to be trusted by Chrome.
1 reply 0 retweets 4 likes -
Replying to @pzb @halvarflake
Sure, only talking about certificates for web usage though. It obviously doesn't impact other uses of certificates.
1 reply 0 retweets 2 likes -
It would be nice to have an equivalent to Certificate Transparency for some other kinds of certificates and public key usage though.
1 reply 1 retweet 2 likes
Key transparency! https://github.com/google/keytransparency/ … (also most CT logs do accept non-TLS certs like code signing and S/MIME)
0 replies
2 retweets
7 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.