Robert Duncan

@robertduncan

Web securitist, interested in SSL/TLS. Tweets are my own.

Bath, Somerset
Vrijeme pridruživanja: svibanj 2008.

Tweetovi

Blokirali ste korisnika/cu @robertduncan

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @robertduncan

  1. proslijedio/la je Tweet
    1. stu 2019.

    Our team has been working on improving certificate security with Delegated credentials is a new feature in TLS that helps separate keys in a more secure way

    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    11. ruj 2019.
    Poništi
  3. proslijedio/la je Tweet
    11. ruj 2019.

    Youch ... Chrome OS built-in security key has a very serious vulnerability ... "attackers that have a single pair of signature and signed data can effectively compute the private key"

    Poništi
  4. proslijedio/la je Tweet
    29. kol 2019.
    Poništi
  5. proslijedio/la je Tweet

    I just killed 500 lines of crypto/tls code. 🎉💥🔥 In Go 1.14, no more SSLv3. No ifdef, no option. It's deleted.

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    21. kol 2019.
    Poništi
  7. proslijedio/la je Tweet

    It’s official, Chrome is moving the EV indicator in Chrome 77:

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    9. srp 2019.

    DarkMatter is getting distrusted from Firefox. Huge thanks to the team - especially - for running a process everyone could participate in and make their voices known.

    Poništi
  9. proslijedio/la je Tweet
    9. srp 2019.

    Clearlake Capital Group and TA Associates to Make a Strategic Growth Investment in -

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    22. lip 2019.

    This is really cool, and great work from Amazon. The biggest challenges with rolling your own PKI are key protection, availability, and compatibility. AWS seems to be knocking it out of the park for all three. Almost all the way to replacing on-prem ADCS.

    Poništi
  11. proslijedio/la je Tweet
    12. lip 2019.
    Odgovor korisnicima

    Yes. System-trusted certs have to abide by the CABF BR requirements. The validity period restriction for all others goes into effect for certs with a notBefore date of 1 July 2019 or later.

    Poništi
  12. proslijedio/la je Tweet
    12. lip 2019.
    Odgovor korisnicima

    Yeah! We’re going to be submitting a draft ballot for 1y shortly, for notBefore 2020/03 and later.

    Poništi
  13. proslijedio/la je Tweet
    4. lip 2019.

    New certificate requirements in iOS 13 and macOS Catalina: removing trust in weak algorithms, requiring server auth EKUs, enforcing maximum lifespans, and requiring SubjectAltNames.

    Poništi
  14. proslijedio/la je Tweet
    21. svi 2019.

    Here's an update on what security's been up to recently (including some new things we've open sourced!)

    Poništi
  15. proslijedio/la je Tweet

    It seems that have had to push back the plans to switch to their ISRG root by 12 months due to root propagation concerns on Android devices:

    Poništi
  16. proslijedio/la je Tweet

    Seems like Microsoft added "gov[.]uk" with "include_subdomains" to the HSTS preload list?

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    16. svi 2019.

    "In conclusion, I recommend the following: Remove the Certinomis - Root CA from the Mozilla root store in an upcoming NSS release."

    Poništi
  18. 16. svi 2019.

    "The TLS fingerprints that Akamai observed before Cipher Stunting was observed could be counted in the tens of thousands. Soon after the initial observation, that count ballooned to millions, and then recently jumped to billions.”

    Poništi
  19. proslijedio/la je Tweet

    We are happy to launch Oak, a CT Log today! Certificate Transparency greatly enhances Web security by providing the opportunity to monitor and study certificate issuance. Thanks to for providing funding to make this happen! Read more:

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·