Ivan Ristic

@ivanristic

Founder of Hardenize, because everyone deserves good internet security. Previously, founder of SSL Labs and ModSecurity; wrote Bulletproof SSL and TLS.

London
Vrijeme pridruživanja: veljača 2009.

Tweetovi

Blokirali ste korisnika/cu @ivanristic

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ivanristic

  1. proslijedio/la je Tweet
    prije 2 sata

    More from the latest newsletter: vulnerability in the client certificate support for Java/JSSE, PrimeKey acquires Crypto Workshop, on demise of HPKP. A lot more to follow!

    Poništi
  2. proslijedio/la je Tweet
    prije 20 sati

    Out today, my Security Engineering book chapter 12 tells the story of the last decade's frauds against card payments and online banking, and how the defences have adapted:

    Poništi
  3. proslijedio/la je Tweet

    We published our first ever annual report! Check out the ways Let's Encrypt has impacted the globe in 2019:

    Poništi
  4. proslijedio/la je Tweet
    31. sij

    More news: RFC for GREASE has been published - a mechanism to keep TLS implementations flexible for future changes

    Poništi
  5. proslijedio/la je Tweet
    31. sij

    We just released four more Early Bird tickets for the remote training on 16-19 March - if you were looking to register hurry up - discount ends today!

    Poništi
  6. proslijedio/la je Tweet

    Hiring in tech is super difficult and requires a lot of documentation and processes in place to scale. I discovered 's hiring templates today and have found them really useful for refreshing my thinking around hiring.

    Poništi
  7. proslijedio/la je Tweet
    30. sij

    Bulletproof TLS Newsletter is out! Vulnerability in Windows allows certificate forgery with elliptic curves and other January news!

    Poništi
  8. 30. sij
    Poništi
  9. proslijedio/la je Tweet
    29. sij

    RT : Slides posted for my talk on the work behind MongoDB's new client side encryption. Especially grateful for the collaboration with , , and .

    Poništi
  10. proslijedio/la je Tweet

    Good morning . I am maintaining a curated list with links to the live tweets being written about the talks and panels at the conference. This also includes online news articles. Please retweet to people outside this conference!

    Poništi
  11. proslijedio/la je Tweet
    29. sij

    TLS ALPN and RSASSA-PSS security features to be added to OpenJDK 8.

    Poništi
  12. proslijedio/la je Tweet
    27. sij

    SameSite=Lax cookie issues imminent for AMP-enabled websites since the AMP cache loads under a faux first party:

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    28. sij

    Over the past few years I've spent 100s (1000s?) of hours studying how companies have scaled their security. Here are my slides that distill what I've learned- the big, scalable, systematic wins that measurably improve your security posture.

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    22. sij

    Coming soon to OpenSSL: a simple, safe and performant API for primality testing. With , and with thanks to Kurt Roeckx from OpenSSL and who posed the question.

    Poništi
  15. proslijedio/la je Tweet
    27. sij

    More 🍪 cookie news: 0️⃣ Intent to **prototype** 1️⃣ tl;dr you can't share 🍪 across HTTP / HTTPS 2️⃣ 3P 🍪 need to be Secure anyway ➡️ unaffected 3️⃣ Consider HTTPS by default (again) 4️⃣ HTTP➡️HTTPS may mean transferring 🍪 👋 Happy to discuss!

    Poništi
  16. proslijedio/la je Tweet

    I got to talk at about supply chain security and how Go tackles its challenges. made an excellent livetweeting thread.

    Poništi
  17. proslijedio/la je Tweet
    5. velj 2019.

    It was totally worth it to fly to a different country to hear drop some serious knowledge about TLS, PKI, and related treat models. I was looking forward to this class for about 6 months, and it was awesome!

    Poništi
  18. proslijedio/la je Tweet
    27. sij

    New blog post by me: 'The impact of SSL certificate revocation on web performance' Includes a focus on EV certificates, because they have some unique issues.

    Poništi
  19. proslijedio/la je Tweet
    27. sij

    Intent-to-Remove thread for TLS1.0/TLS1.1 in Chrome. "As of 1/1/20, we still saw 0.3% of main frame page loads using TLS 1.0 or 1.1. This is down significantly from 0.68% in Jan2019."

    Poništi
  20. proslijedio/la je Tweet
    27. sij

    Our research on usable certificate errors (see details at , feedback welcome) presented at 2020 in Brno. Apart from that, we are collecting developer's opinions for the new study on the research booth.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·