David Cooper

> I'd like to merge that but as I see now `show_finding()`, I am scratching my head about readability and sense . Any thoughts? I find switching `( ... )`...

> However now we have still some statements like `[[ "${service[i]}" == ANY ]] || [[ "${service[i]}" =~ $client_service ]]` which feels a bit inconsistent. We could suggest that for...

> As for the 3072 bit and how we label/phrase it, I'd rather listen to @dcooper16 I was also curious about the source of the claim that "Current standards are...

Hi @DemiMarie, Could you please explain more what you mean by "irrelevant"? I looked at CVE-2022-3786 and CVE-2022-3602, and the descriptions say they are both about name constraint checking on...

Hi Dirk, I tried to create a PR to address this issue, but ran into a problem as a result of #2050. I can't figure out a way to include...

Hi @KongLynn, If you use the branch at https://github.com/dcooper16/testssl.sh/tree/nist and specify the `--nist` option at the command line, then it would check for conformance to NIST SP 800-52 Revision 2....

Hi @KongLynn, I am not suggesting that TLS_CHACHA20_POLY1305_SHA256 is insecure. As you note, it is one of the cipher suites recommended by the IETF. It is also rated as a...

We can't make the HTML "look like the report that is printed on the screen," because testssl.sh can not determine what your screen looks like. We could, however, have an...

Hello @joyantaDebnath, It is not clear to me in items 1. and 2. in your comment whether you are noting that OpenSSL will allow such certificates to be created, or...

Hello @kroeckx, Yes, you are correct and I misread @joyantaDebnath's comment. I thought @joyantaDebnath was talking about empty distinguished names (i.e., names that are SEQUENCE of 0 relative distinguished names...