J.C. Jones
J.C. Jones
Currently, an OCSP Responder configured with a Redis backend uses the MultiSource Source to blend the MariaDB and Redis results. As part of that blend, it compares byte-for-byte that the...
When we run Boulder within chroot environments, whether a podman container or something using libcontainer, we're not going to have access to `/dev/log`, and providing it within the chroot is...
This is a follow-on to #5736. We set the cache tag to a two-character string of the last two hex characters of the serial, without a prefix. https://github.com/letsencrypt/boulder/blob/7a7f436212bd040a09a5d0ef246f6dc76097d216/cmd/ocsp-responder/main.go#L174-L180 Akamai's cache...
Unauthorized can come from a variety of possibilities; we should emit metrics that break down the internal cases, so we can tell if a request appears to be legitimate* but...
To replace some additional existing infrastructure with Boulder Observer, we'd want to add three more things to probe: 1. The validity and remaining lifetime of the CRL at a given...
WebAuthn is [supported in Firefox 60, and supported shortly in Chrome 67 and Edge 18](https://caniuse.com/#feat=webauthn), providing a cross-browser support that is the spiritual successor to U2F. It's possible to [migrate...
Review Draft: https://fidoalliance.org/specs/fido-v2.0-rd-20161004/fido-client-to-authenticator-protocol-v2.0-rd-20161004.html
For Gecko to use the WebDriver feature, Gecko needs to be able to trigger `manager.add_webdriver_virtual_bus();` and potentially may need to provide a port (which would be a refactor). Add such...
This interplays with #136. Firefox will want to ship authenticator-rs using NSS (via something like neqo-crypto), however that makes compilation in CI complex. Let's add a trait and a runtime...
The main example should check the validity of the attestation returned, so it can be used to verify a token (hardware or software).