Firefox is safe: NSS doesn't accept the certificate. Chrome is fooled by the certificate, but it throws NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED. will need to investigate.pic.twitter.com/Cxp7ycBNB4
U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
Firefox is safe: NSS doesn't accept the certificate. Chrome is fooled by the certificate, but it throws NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED. will need to investigate.pic.twitter.com/Cxp7ycBNB4
even though Chrome is using BoringSSL, it delegates to CryptoAPI for certificate verification, like lots of other software https://chromium.googlesource.com/chromium/src/net/+/master/cert/cert_verify_proc_win.cc …
thanks to @CiPHPerCoder's hint :)
the biggest constraints are Chrome's tight certificate policies and that the root CA must be cached, which you can trigger by visiting a legitimate site that uses the certificatepic.twitter.com/GgftwVvpY8
is there any reason not to drop my PoC on GitHub, since there have been two PoCs released already?
since there have been two dropped already, here's my PoC for CVE-2020-0601:https://github.com/saleemrashid/badecparams …
This doesn't seem like it is really being recognised as being signed by Sectigo, otherwise it should look like this rather. So my guess is that if you dig into the cert chain, you'll see it report the CA root cert is not in the CA store... So not sure this is really the bug.pic.twitter.com/4Z58w5aVzZ
sorry, i'm not sure what difference you're pointing out. but, regardless, we're not aiming to make it signed by a specific root CA, just to make it trusted - which it is.
Never gonna git you up...
How dare you...
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.