Most TLS 1.3 clients delegate certificate validation to the native operating system validation library and I doubt many of them configure the validation library to whitelist specific curves; I’m not even sure they could if they wanted to.
-
Right, which might make them non-conformant with respect to how signature_algorithms_cert is defined in 4.2.3 of RFC 8446.
-
The original reports on this focused on code signing vulnerabilities, but it seems now it’s being suggested that TLS validations are also impacted at least in some software. I wish there were more clarity on that.