On Sun, Mar 22, 2020 at 07:47:49AM +0100, Hanno Böck via dev-security-policy
wrote:
> FWIW: Given that with the private key it's easily possible to revoke
> certificates from Let's Encrypt I took the key yesterday and iterated
> over all of them and called the revoke command of certbot.
Yes, I
On Sat, 21 Mar 2020 19:20:27 +
Nick Lamb via dev-security-policy
wrote:
> Rather than mint an RSA key pair and self-signed certificate to
> bootstrap each install, they just supply a (presumably randomly
> generated) key and certificate right in the install data.
FWIW: Given that with the
On Sat, Mar 21, 2020 at 07:20:27PM +, Nick Lamb wrote:
> On Sat, 21 Mar 2020 13:40:21 +1100
> Matt Palmer via dev-security-policy
> wrote:
> > There's also this one, which is another reuse-after-revocation, but
> > the prior history of this key suggests that there's something *far*
> > more
On Sat, 21 Mar 2020 13:40:21 +1100
Matt Palmer via dev-security-policy
wrote:
> Oh the facepalm, it burns (probably too much hand sanitizer)... let
> me try that again.
Use soap and water where practical. And, as the BBC Comedy TV show
"That Mitchell & Webb Look" put it many years ago "Remain
4 matches
Mail list logo