|
Ivan Ristic
@
ivanristic
London
|
|
Founder of Hardenize, because everyone deserves good internet security. Previously, founder of SSL Labs and ModSecurity; wrote Bulletproof SSL and TLS.
|
|
|
14.917
Tweetovi
|
302
Pratim
|
11.530
Osobe koje vas prate
|
| Tweetovi |
| Ivan Ristic proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
18 h |
|
From #TLS newsletter 61: Chrome security team announced plans for handling of CT in 2020 feistyduck.com/bulletproof-tl…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Rowan Merewood
@rowan_m
|
3. velj |
|
All the latest on the SameSite cookie changes along with trying to make the staged rollout super clear! I'm going to be watching for questions, so please do ask if anything isn't clear. twitter.com/ChromiumDev/st…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
3. velj |
|
More from the latest #TLS newsletter: vulnerability in the client certificate support for Java/JSSE, PrimeKey acquires Crypto Workshop, @Scott_Helme on demise of HPKP. A lot more to follow! feistyduck.com/bulletproof-tl…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Ross Anderson
@rossjanderson
|
2. velj |
|
Out today, my Security Engineering book chapter 12 tells the story of the last decade's frauds against card payments and online banking, and how the defences have adapted: cl.cam.ac.uk/~rja14/book.ht…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Let's Encrypt
@letsencrypt
|
31. sij |
|
We published our first ever annual report! Check out the ways Let's Encrypt has impacted the globe in 2019: abetterinternet.org/documents/2019…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
31. sij |
|
More #TLS news: RFC for GREASE has been published - a mechanism to keep TLS implementations
flexible for future changes rfc-editor.org/info/rfc8701
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
31. sij |
|
We just released four more Early Bird tickets for the remote #TLS training on 16-19 March - if you were looking to register hurry up - discount ends today! feistyduck.com/training/the-b…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Nick Sullivan
@grittygrease
|
30. sij |
|
Hiring in tech is super difficult and requires a lot of documentation and processes in place to scale. I discovered @AskAlmanac's hiring templates today and have found them really useful for refreshing my thinking around hiring.
askalmanac.com/articles/4176/…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
30. sij |
|
Bulletproof TLS Newsletter is out! Vulnerability in Windows allows certificate forgery with elliptic curves and other January news! feistyduck.com/bulletproof-tl…
|
||
|
|
||
|
Ivan Ristic
@ivanristic
|
30. sij |
|
Fantastic. Thanks! twitter.com/kennwhite/stat…
|
||
|
|
||
|
Ivan Ristic
@ivanristic
|
30. sij |
|
@kennwhite Great work. Is there someplace where the deterministic and randomised algorithms are documented? As in, the exact format and operations, enabling someone to reimplement?
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Frank Denis
@jedisct1
|
29. sij |
|
RT @kennwhite: Slides posted for my #enigma2020 talk on the work behind MongoDB's new client side encryption. Especially grateful for the collaboration with @kennyog, @senykam, and @veorq.
speakerdeck.com/kwhite/bringin…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Christian Folini - on his way to Jacksonville, FL
@ChrFolini
|
29. sij |
|
Good morning @enigmaconf. I am maintaining a curated list with links to the live tweets being written about the talks and panels at the conference.
github.com/dune73/enigma-…
This also includes online news articles.
Please retweet to people outside this conference!
#enigma2020
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Sean Mullan
@seanjmullan
|
29. sij |
|
TLS ALPN and RSASSA-PSS security features to be added to OpenJDK 8. twitter.com/OpenJDK/status…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
John Wilander
@johnwilander
|
27. sij |
|
SameSite=Lax cookie issues imminent for AMP-enabled websites since the AMP cache loads under a faux first party: blog.amp.dev/2020/01/27/coo…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Clint Gibler
@clintgibler
|
28. sij |
|
Over the past few years I've spent 100s (1000s?) of hours studying how companies have scaled their security.
Here are my @AppSecCali slides that distill what I've learned- the big, scalable, systematic wins that measurably improve your security posture.
docs.google.com/presentation/d…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
kennyog
@kennyog
|
22. sij |
|
Coming soon to OpenSSL: a simple, safe and performant API for primality testing. With @Massicrypt, and with thanks to Kurt Roeckx from OpenSSL and @LindellYehuda who posed the question. #AppliedCryptoFTW twitter.com/iacr_news/stat…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Rowan Merewood
@rowan_m
|
27. sij |
|
More #samesite 🍪 cookie news:
0️⃣ Intent to **prototype**
1️⃣ tl;dr you can't share 🍪 across HTTP / HTTPS
2️⃣ 3P 🍪 need to be Secure anyway ➡️ unaffected
3️⃣ Consider HTTPS by default (again)
4️⃣ HTTP➡️HTTPS may mean transferring 🍪
👋 Happy to discuss! twitter.com/intenttoship/s…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
Filippo Valsorda
@FiloSottile
|
27. sij |
|
I got to talk at #Enigma2020 about supply chain security and how Go tackles its challenges.
@LeaKissner made an excellent livetweeting thread. twitter.com/LeaKissner/sta…
|
||
|
|
||
| Ivan Ristic proslijedio/la je tweet | ||
|
photo
@photo_chocolate
|
5. velj |
|
It was totally worth it to fly to a different country to hear @Scott_Helme drop some serious knowledge about TLS, PKI, and related treat models. I was looking forward to this class for about 6 months, and it was awesome! pic.twitter.com/1cxMrhQswx
|
||
|
|
||