|
Tomas Hidalgo
@
tommy_hs
Almeria - Spain
|
|
PKI | HSM | Key Manager | eIDAS | Digital Signatures. Continuous Learning & Slow Life.
|
|
|
977
Tweetovi
|
137
Pratim
|
86
Osobe koje vas prate
|
| Tweetovi |
|
Tomas Hidalgo
@tommy_hs
|
3. velj |
|
Alguien olvidó leer esto: Gestión del ciclo de vida de los certificados
nccoe.nist.gov/projects/build…
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
3. velj |
|
More from the latest #TLS newsletter: vulnerability in the client certificate support for Java/JSSE, PrimeKey acquires Crypto Workshop, @Scott_Helme on demise of HPKP. A lot more to follow! feistyduck.com/bulletproof-tl…
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Criptored
@criptored
|
28. sij |
|
Publicada la clase Class4cryptc4c0.1 Presentación.
youtube.com/watch?v=rm8W5X…
Archivo pdf: criptored.upm.es/descarga/Class…
Resumen: presentación del proyecto Class4crypt, con una introducción de la temática que será tratada en las vídeoclases de los 13 módulos de los que consta el proyecto.
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Aaron Peters
@aaronpeters
|
28. sij |
|
📢 EV Certificates Make The Web Slow and Unreliable
aaronpeters.nl/blog/ev-certif…
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Vadims Podāns
@Crypt32
|
22. sij |
|
New blog post: LDAP signing requirements in March 2020 pkisolutions.com/reminder-ldap-… #ActiveDirectory #ADV190023
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
iVan Cerra
@icerra
|
19. sij |
|
CityPainter, una versión perfecta del mítico City Connection, disponible gratis en la App Store iphoneros.com/75169/version-… a través de @iphoneros
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Eric Lawrence 🎻
@ericlaw
|
19. sij |
|
I don't know who needs to hear this, but... don't use Internet Explorer to browse the web.
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
iVan Cerra
@icerra
|
19. sij |
|
Es universal y esta gratis 🎁🎉🥂
apps.ivancerra.com/gangscity.html
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
17. sij |
|
Interesante estudio de los Servicios de Confianza (TSP) que operan en diferentes regiones del mundo con el fin de identificar medidas que faciliten el reconocimiento mutuo.
Global Acceptance of EU Trust Services (ETSI TR 103 684 v1.1.1). etsi.org/deliver/etsi_t…
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
14. sij |
|
La gestión de vulnerabilidades Críticas que propone CISA (Dpto HomeLand Security) para Dptos. y Agencias Federales en USA es contundente; en 10 días, parches aplicados en todos los assets implicados. cyber.dhs.gov/assets/report/…
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
14. sij |
|
Vulnerabilidad crítica (CVE-2020-0601) que afecta a la funcionalidad criptográfica de Microsoft Windows. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. media.defense.gov/2020/Jan/14/20…
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
briankrebs
@briankrebs
|
13. sij |
|
Sources say Microsoft on Tuesday will fix an extraordinarily scary flaw in all Windows versions, in a core cryptographic component that could be abused to spoof the source of digitally signed software. Apparently DoD & a few others got an advance patch krebsonsecurity.com/2020/01/crypti…
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
10. sij |
|
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Arvind Narayanan
@random_walker
|
10. sij |
|
"SIM swap" attacks have been in the news for years. They’ve enabled serious financial crimes and even a hack of the Twitter CEO's account. We spent 6 months researching how vulnerable wireless accounts are to these attacks. Our draft study is out today. issms2fasecure.com
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Criptored
@criptored
|
9. sij |
|
Publicada la versión 0.5 del libro gratuito de criptografía aplicada de Dan Boneh y Victor Shoup (USA). Ultima versión del libro gratuito "A Graduate Course in Applied Cryptography", de Dan Boneh y Victor Shoup, Universidad de Stanford.
crypto.stanford.edu/~dabo/cryptobo…
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
7. sij |
|
CA/Browser Forum Baseline Requirements in 7.1 say "CAs SHALL generate Certificate serial numbers greater than zero (0) containing at least 64 bits of output from a CSPRNG". Are we safe? Do the CA's rigorously enforce this? Your opinion Mr @sleevi_? Thanks!
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
7. sij |
|
With the latest news about SHA-1, generating collisions with defined prefixes (sha-mbles.github.io), the authors indicate that there is an affectation in those X509 certificates under SHA-1 that use predictable Serial Numbers.
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Nick Sullivan
@grittygrease
|
7. sij |
|
With the recent SHA-1 news, it’s important to understand why collisions and chosen-prefix attacks have different impacts on security. Luckily I wrote a blog post about this!
blog.cloudflare.com/why-its-harder…
|
||
|
|
||
|
Tomas Hidalgo
@tommy_hs
|
7. sij |
|
Hi Andrew, I understood that the Ocsp answer must be issued from the same sub-ca that issues the final certificate... Is your sentence 100% correct? Thanks!
|
||
|
|
||
| Tomas Hidalgo proslijedio/la je tweet | ||
|
Feisty Duck
@feistyduck
|
31. pro |
|
Bulletproof TLS Newsletter is out! New factoring and discrete log records, but RSA stays safe - feistyduck.com/bulletproof-tl…
|
||
|
|
||