Dell pre-installing self-signed root CAs too?! https://edell.tlsfun.de/ #shockednotshockedpic.twitter.com/J4qGHYnpbS
-
-
@metromoxie@frgx@slightlylate@laparisa but locally installed roots are SUPER common, lots of AV vendors do it etc -
@metromoxie@frgx@slightlylate@laparisa we haven't added UI bc anyone who installs a bad root cert can also inject a dll & remove the UI -
@__apf__ Do you think Dell or Lenovo would have done that? I don't CC@metromoxie@slightlylate@laparisa -
@frgx@__apf__@metromoxie@slightlylate@laparisa I do. Dell and Lenovo are using 3P who are buying kits from 3P who absolutely would. -
@frgx And AV absolutely would do anything to avoid negative UI. Doubly so DLP products.@__apf__@metromoxie@slightlylate@laparisa
End of conversation
New conversation -
-
-
@__apf__@metromoxie@frgx@slightlylate@laparisa What on earth is the point of HPKP then?? https://twitter.com/DNSChain/status/668973677954764800 …This Tweet is unavailable. -
@__apf__@metromoxie@frgx@slightlylate@laparisa@mnot Is this even following the HPKP spec?? cc@agl__ -
@__apf__@metromoxie@frgx@slightlylate@laparisa@mnot@agl__ Where in here does it say you can bypass pins? https://tools.ietf.org/rfc/rfc7469.txt -
@metromoxie@taoeffect@__apf__@frgx@slightlylate@laparisa@mnot@agl__ Problem in hindsight: two values of "local": 1/ Chrome; 2/ Dell. -
@BrendanEich@metromoxie@__apf__@frgx@slightlylate@laparisa@mnot@agl__ RFC actually made that distinction:https://twitter.com/taoeffect/status/668987716743389184 … - 8 more replies
New conversation -
-
-
@__apf__@metromoxie@frgx@slightlylate@laparisa A solution might be removing the green lock (as mixedcont. does) when using custom ROOTs -
@__apf__@metromoxie@frgx@slightlylate@laparisa Also it there is no proxy(LAN ip)between the connection, HPKP should work for Root Certs.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

