On Sun, Feb 02, 2025 at 11:23:09PM -0800, Arabella Barks wrote: > Should Mozilla provide a service similar to Pwnedkeys to verify whether the > digest of an asymmetric private key matches the weak keys library and all > key libraries where the keys have been revoked by CAs and marked as > keyCompromised?
Out of curiosity, what benefits do you think Mozilla would get from running such a service? Unsurprisingly, I can think of a few possibilities, but I'm keen to see what you (and others) think. - Matt (posting in my capacity as Pwnedkeys' God-King, CEO, and assistant bottle-washer) -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/cff71c5a-c547-4b56-805a-5ed6512e817e%40mtasv.net.
