Phil Porada
Phil Porada
Here's a small snippet anyone can run to see how misissued these certificates are compared to the rest of the web PKI. ``` $ go get github.com/zmap/zlint/v3/cmd/zlint $ cd russian-trusted-root-ca/certificates...
https://groups.google.com/a/chromium.org/g/ct-policy/c/507lPdbbwSk > The following changes will take effect in Chrome 100, which is scheduled to be released on 29 March 2022: > > For certificates issued on-or-after 15 April 2022...
Per the readme, "You should configure remote state encryption for S3 via KMS via encrypt and kms_key_id.". This should be an automated step in the Makefile.
We rely on grafana, prometheus, and alertmanager for our monitoring stack. When metrics are ingested, they contain a non-human-friendly logid such as `entries_added{logid="abcdef1234567890abc"}`. In the [docs](https://github.com/google/trillian/blob/master/docs/api.md) there is an optional...
As far as I can tell, the blog is only accessible via the homepage by clicking `From our blog` or by navigating to https://letsencrypt.org/blog/. I think it would be helpful...
"Setting this directive to 'none' is similar to X-Frame-Options: deny (which is also supported in older browsers)." https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
If LEGO_EMAIL is not overridden by a user from the default value of `[email protected]`, there should be an early fail message to the user before even reaching out to Let's...
When looking at the LogIndexes table, I see the following information. ``` +----------------------+-----------+ | LogID | LogIndex | +----------------------+-----------+ | -1231231231231231231 | 123 | +----------------------+-----------+ ``` It's easy to determine...
* Tests the OCSP ResponseStatus cases * Define `var ocspExtensionOID = asn1.ObjectIdentifier..` as integer slice literal just like `var idPKIXOCSPBasic = asn1.ObjectIdentifier(` in `ocsp.go`