|
[0xC001]
@
ECCTLS
|
|
0xC001 == TLS_ECDH_ECDSA_WITH _NULL_SHA
|
|
|
1.049
Tweetovi
|
336
Pratim
|
564
Osobe koje vas prate
|
| Tweetovi |
|
[0xC001]
@ECCTLS
|
28. sij |
|
“be liberal in what you accept from others” twitter.com/todayininfosec…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
20. sij |
|
|
||
|
[0xC001]
@ECCTLS
|
11. sij |
|
This was already our internal codename for the product... well before this bug twitter.com/GossiTheDog/st…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
5. sij |
|
What do you do with both of those at the same time? :-/
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
19. pro |
|
Not too hard if they use that ‘null cipher’ mode that uses plaintext...
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
11. pro |
|
B#
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
11. stu |
|
Little known fact (-:
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
11. stu |
|
There's an aluminum cap on the top used as a lightening rod. The spikes were added in 1934 on a copper "girdle". tms.org/pubs/journals/…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
5. stu |
|
Are there any implementations of this yet?
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
21. lis |
|
This is why @clairelizzie is my favorite Lifehacker author
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
5. lis |
|
@SecurityPenguin is that you back when you were a baby? (in the top left) I thought you used Vim...
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
26. ruj |
|
Thanks Matt, I was wondering why that happened!
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
20. ruj |
|
With the logjam attack, the researchers were able to crack 512-bit DH in ~1 minute... (with some precomputation) they could be doing something similar here, but with RSA
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
7. ruj |
|
Safari, Chrome, and Firefox may be dropping EV, but Smart is moving their position to be all in on EV
engadget.com/2019/09/06/sma…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
6. ruj |
|
Mine is off now, it was default before.
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
26. kol |
|
His real name is
R. Daneel Olivaw twitter.com/ErrataRob/stat…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
16. kol |
|
That’s why the EV cert indicators were not showing... nm I actually didn’t notice they were gone ;-) twitter.com/doylersec/stat…
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
15. kol |
|
This Is Just To Say
I have taken away
the EV indicators
in the omnibar
and which
you were probably
using
for extra revenue
Forgive me
they were not
so effective
nor well understood
🔒 👜 🔓
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
14. kol |
|
Exactly :) we seen that over the years as the “best practice” max cert lifetime has moved to 90 days, many enterprises and vendors haven’t allowed for automated solutions. It is time to push them towards the end goal by reducing cert lifespans
|
||
|
|
||
|
[0xC001]
@ECCTLS
|
14. kol |
|
Not every technology is easy to automate.
Case in point oracle tech is notoriously bad for any cert automation:
docs.oracle.com/cd/E21764_01/d…
|
||
|
|
||