-
CRLs are still used by the Web PKI. It appears some CAs don't think they need to keep them online... https://tacticalsecret.com/the-state-of-crls/ …
#webpki pic.twitter.com/pnXtnJJs9B
-
Again proving live OCSP
#revocation in the#WebPKI is a nightmare (Upstream OCSP cache is stale. Seems OK elsewhere) pic.twitter.com/zwsuwEJ1M8
-
The proper way to read the BRs is to interpret them with a full understanding of the history and intent of each requirement. Also, the proper way to read the BRs is to interpret them exactly as written without any regard for the intent and history of each requirement.
#webpki -
63,082,038 valid certs known to
@CensysIO; 33,619,372 active@LetsEncrypt certs. Follows that 53% of certs in#WebPKI today are from LE. -
I had a blast on vacation with this wonderful book written by
@ivanristic and published by@feistyduck. I'm currently only in the half but already cannot recommend it enough. It's a MUST-READ for anyone interested in#PKI#WebPKI#TLS#SSL or#infosec.pic.twitter.com/weffuEeqcF
-
Math updated: 90.4% of Registered Domains (eTLD+1) using
@letsencrypt are new to the#WebPKI https://tacticalsecret.com/124-days-of-lets-encrypt/ …pic.twitter.com/q4lIxB5fx3
-
Can one shrink the
#WebPKI's certificate state to be as small as a photo? Mozilla Security Engineering is publishing a series of blog posts about#CRLite, a technology to compress and push revocations to@firefox users, now in@FirefoxNightly https://blog.mozilla.org/security/2020/01/09/crlite-part-1-all-web-pki-revocations-compressed/ …pic.twitter.com/Sz8wpj4o2H
-
Do you find cryptography and PKI interesting? Do you want to help secure and operate Google's publicly trusted CAs? Are you in Pittsburgh or New York? DM me.
#WebPKI -
Mozilla has decided how to respond to WoSign and StartCom miss-issuance - https://docs.google.com/document/d/1C6BlmbeQfn4a9zydVi2UvjBGv6szuSB4sMYUcVrR8vQ/preview …
#ssl#webpki -
We're about to start an experiment with the new IETF draft for Delegated Credentials in
#TLS in@FirefoxNightly together with@Cloudflare, giving another path to short-lived certs on the#WebPKI@ThylaVdMerwe https://blog.mozilla.org/security/2019/11/01/validating-delegated-credentials-for-tls-in-firefox/ …Prikaži ovu nit -
Think that crypto means
#WebPKI,#WebAuthn,#TLS13? So do we. Join our team!https://twitter.com/ThylaVdMerwe/status/1159521032430129157 … -
Domain validation support will be integrated into CT logs and CAs will no longer be needed for
#webpki. CT logs already serve as root of trust anyway. https://twitter.com/FiloSottile/status/1198487261421154304 … -
IAB encourages deployment of OCSP stapling - https://www.ietf.org/mail-archive/web/ietf-announce/current/msg16303.html …
#WebPKI@OCSP -
Some things just never change http://hecker.org/mozilla/business-of-cas … #2004
#webpki -
-
Looks like there is a new root CA in the Microsoft Root store, based in South Africa, TrustFactory - https://docs.microsoft.com/en-us/security/trusted-root/august2019 …
#webpki -
Again, the condescending, bullshit, "holier than thou" approach continues... https://cabforum.org/pipermail/public/2017-February/009770.html … no wonder the
#webpki is in a mess -
Ensuring Web PKI Integrity (EWPI) meetup Summary Report is available: https://docs.google.com/document/d/e/2PACX-1vThdwFAKzEMlHzHZAN4o050CM3P2LNqPcwJUsqfOFVqs6LktwwFdARPzVp81KDN72ih1IZMTHR3tklk/pub …
@PayPalInfoSec@letsencrypt#EWPI#WebPKI#TLS -
"I believe that the issues I have documented demonstrate a basic inability to operate effective issuance controls. " - https://groups.google.com/forum/?pli=1#!topic/mozilla.dev.security.policy/rmU311hOIIc …
#webpki#notagain -
Nueva tecnología de revocación en
#webPKI con#CRLite en@firefox. https://blog.mozilla.org/security/2020/01/09/crlite-part-1-all-web-pki-revocations-compressed/ …
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.