RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE RCERCERCERCERCE
-
-
All of the critical infrastructure computing is insecure because people keep fucking up X.509 parsers. That is the problem. But the real problem is X.509 (and vicariously ASN.1) advocates can’t even admit there is a problem.pic.twitter.com/tWytIL1gz5
2 replies 4 retweets 9 likes -
I don't disagree
1 reply 0 retweets 2 likes -
Seems like you can’t admit there’s a problem. And really, that’s the core problem. Nobody wants to talk about it, and meanwhile the world burns with unpatchable bootloader, firmware, and baseband vulnerabilities.
2 replies 0 retweets 0 likes -
I'm more worried about the world not admitting that there's a solution! Would CA/B forum be the place to propose replacing ASN.1 in certs? has It ever come up? has it basically no chance due to inertia?
3 replies 0 retweets 1 like -
What’s the best way to do that? 1:1 emails? An existing implementer-oriented WG? (WHATWG?)
1 reply 0 retweets 1 like
We mostly use WICG for “incubate first”, but the spirit is the same; “running code and rough consensus” in the plain-meaning sense.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.