I wrote something on user authentication, and why password hashing is not enough: https://00f.net/2018/10/18/on-user-authentication/ …
-
-
Replying to @jedisct1
love the post! one minor nit that's not really relevant to its arguments.. tls 1.3 should indeed encrypt the server (only) certificates in the handshake (EncryptedExtensions iirc)
1 reply 0 retweets 0 likes -
-
Replying to @mcmanusducksong
This also affects DoH and obviously DoT. I’m planning to address this in DNSCrypt https://github.com/jedisct1/dnscrypt-proxy/issues/599 … (which led to this post) before finally submitting the whole protocol as a draft.
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.