|
Andrew Ayer
@
__agwa
Cambridge, MA + SF Bay Area
|
|
Bootstrapped founder of @SSLMate, where I make SSL certificates easier and do #webpki and #CertificateTransparency stuff.
|
|
|
922
Tweets
|
174
Following
|
1,489
Followers
|
| Tweets |
|
Andrew Ayer
@__agwa
|
Jan 29 |
|
That was issued by Digicert, from a white label intermediate CA.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 26 |
|
Chrome announced their 2020 plans for Certificate Transparency: groups.google.com/a/chromium.org…
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 10 |
|
I do not use AV.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 10 |
|
Same. And I'm glad we got to meet in person, even if it was nigh impossible to have a conversation in that bar!
|
||
|
|
||
| Andrew Ayer retweeted | ||
|
Real World Crypto
@RealWorldCrypto
|
Jan 7 |
|
We are pleased to announce that #realworldcrypto 2020 will be live-streamed. Link: totalwebcasting.com/view/?func=VOF…
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 7 |
|
Yes, I'm correct. See Section 2.6 of RFC6960.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 7 |
|
Hopefully the SHA-1 OCSP responses are all signed from a sub-CA technically constrained to OCSP (as required by Mozilla policy) so it can't be used to forge an actual certificate.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 7 |
|
I haven't scanned OCSP responders in a while, but I'm sure there are still CAs signing OCSP responses with SHA-1, because it was never forbidden, and CAs will keep doing something dangerous as long as it's not forbidden.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 7 |
|
You calculate a SHA-1 chosen prefix and you choose to attack the PGP Web-of-Trust!? Come on, forge an OCSP response from a publicly-trusted CA instead! mail-archive.com/dev-security-p…
sha-mbles.github.io
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 5 |
|
Thanks!
The FSF considers any kind of linking to a (A)GPL-licensed software component to be a modification, requiring the entire combined work to be (A)GPL-licensed also. This blog post goes into greater detail: fsf.org/licensing/zfs-…
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Jan 5 |
|
New blog post: This Is Why You Always Review Your Dependencies, AGPL Edition agwa.name/blog/post/alwa…
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 27 |
|
The other success story of CT is integrating it with certificate linters to make CAs issue certificates that are actually standards-compliant. Previously, certificate parsers had to be lax to parse all certificates. Now they can be strict, which is a huge win for security.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 27 |
|
Certinomis is another example of a CA that was removed from Mozilla in large part due to misissuances found in CT
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 20 |
|
Gah, Twitter ate the URL: git.kernel.org/pub/scm/linux/…
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 20 |
|
Pretty sure the article is wrong. Although Linus was talking about making getrandom nonblocking, he ultimately went with this commit instead:
|
||
|
|
||
| Andrew Ayer retweeted | ||
|
Frank Denis
@jedisct1
|
Dec 11 |
|
miekg/dns before version 1.1.25 released today uses predictable DNS transaction IDs, can lead to response forgeries github.com/miekg/dns/issu… #golang
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 7 |
|
It will be sort of like that, except the importing will be continuous (since CAA records can change over time) and the user will be informed over email when there's a change.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 7 |
|
There's no CT-like system for DNS. Since Cert Spotter is a CT monitor, it shouldn't rely on a system that has weaker security guarantees than CT.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 7 |
|
Quite a few people have asked for CAA to be consulted. Have to be careful, because DNS is not transparent and (usually) not authenticated. Current plan is to make it an option, and send an email any time Cert Spotter relies on a CAA record for the first time.
|
||
|
|
||
|
Andrew Ayer
@__agwa
|
Dec 7 |
|
Per-endpoint authorization is definitely planned. Had to cut it from the initial release to get it out the door :-)
|
||
|
|
||