o not click
links or open attachments unless you recognize the sender and know the content
is safe.
On 13/07/2023 10:13, Rob Stradling wrote:
How about also including in the shared dictionary the SHA-256 hashes of the
public keys of all the known CTv1 logs, so that the 32-byte LogID field of each
SC
How about also including in the shared dictionary the SHA-256 hashes of the
public keys of all the known CTv1 logs, so that the 32-byte LogID field of each
SCT will be compressed?
FWIW, RFC9162 (CTv2) tackles the same SCT bloat by changing the LogID type from
a (32-byte) SHA-256 hash of the
Thanks EKR.
Done, in https://github.com/google/certificate-transparency-rfcs/pull/307
On 22/02/2019 14:51, Eric Rescorla wrote:
> That works for me
>
> -Ekr
>
>
> On Fri, Feb 22, 2019 at 6:41 AM Rob Stradling <mailto:r...@sectigo.com>> wrote:
>
> EK
, which would
> render caches invalid. Isn't that motivation to recommend an SCT
> over an STH?
>
> Separately, why does this establish a new registry for signature
> schemes? It is obviously trying to keep TLS compatibility, based on
> the codepoints, but forking the r
istrator has manually enabled OCSP stapling?
--
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
port for Must-Staple:
https://github.com/openssl/openssl/pull/495
(Perhaps I've misunderstood what is "the issue" that "nobody has raised"?)
--
Rob Stradling
Senior Research & Development Scientist
Sectigo Limited
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
an be used.
Do you know if there are indications / best practices from ITU or from
IETF (or other organizations) on how to deal with this issue ? Has the
issue been addressed somewhere ?
Cheers,
Max
--
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
OpenCA Logo
--
Rob Stradl
nd save a round-trip.
Cheers,
Victor.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
On 02/12/16 14:53, Thomas Pornin wrote:
Commercial CA tend to sell "SSL certificates", not "TLS certificates"
or "SSL/TLS certificates".
It's worse than that. Many customers, and even some salespeople, seem
to think that we sell "SSLs".
--
Rob
to be trendy at the moment...
https://en.wikipedia.org/wiki/Mac_OS
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
On 02/03/16 09:10, Rob Stradling wrote:
Neither you nor I can post in any of the CA/Browser forum’s lists,
because neither of us has either a browser or a public CA.
There are some people who are active there and are reading this list,
so they might take such a proposal there. I’m not very
t take such a proposal there. I’m not very optimistic, though.
Please don't give up without even trying!
If you have a proposal, I'd be happy to post it to the
pub...@cabforum.org list on your behalf.
Alternatively, you could post it to the questi...@cabforum.org list
yourself.
--
Rob Stradling
w, since I built this on top of ekr's client authentication
changes (to avoid messy rebases):
https://github.com/martinthomson/tls13-spec/commit/354475cf02819a9cc808457f2c09fdaeb1f82aa5
--
Rob Stradling
Senior Research & Development Scientist
COMODO - C
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
--
Rob Stradling
Senior Research Development Scientist
COMODO - Creating Trust Online
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org
14 matches
Mail list logo