#webpki — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #webpki, aggregated by home.social.
-
⚠️ 𝗟𝗲𝘁'𝘀 𝗘𝗻𝗰𝗿𝘆𝗽𝘁: 𝗦𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗜𝘀𝘀𝘂𝗮𝗻𝗰𝗲 𝗳𝗼𝗿 𝗣𝗼𝘁𝗲𝗻𝘁𝗶𝗮𝗹 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁
"We have been made aware of a potential incident and are shutting down all issuance."
May 8, 2026 18:37 UTC
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/69fe2d6698ca07050eb4b1b3
#letsencrypt #tls #webpki #pki #browsers #security #privacy #selfhosting #cybersecurity #ITInfrastructure
-
⚠️ 𝗟𝗲𝘁'𝘀 𝗘𝗻𝗰𝗿𝘆𝗽𝘁: 𝗦𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗜𝘀𝘀𝘂𝗮𝗻𝗰𝗲 𝗳𝗼𝗿 𝗣𝗼𝘁𝗲𝗻𝘁𝗶𝗮𝗹 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁
"We have been made aware of a potential incident and are shutting down all issuance."
May 8, 2026 18:37 UTC
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/69fe2d6698ca07050eb4b1b3
#letsencrypt #tls #webpki #pki #browsers #security #privacy #selfhosting #cybersecurity #ITInfrastructure
-
⚠️ 𝗟𝗲𝘁'𝘀 𝗘𝗻𝗰𝗿𝘆𝗽𝘁: 𝗦𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗜𝘀𝘀𝘂𝗮𝗻𝗰𝗲 𝗳𝗼𝗿 𝗣𝗼𝘁𝗲𝗻𝘁𝗶𝗮𝗹 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁
"We have been made aware of a potential incident and are shutting down all issuance."
May 8, 2026 18:37 UTC
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/69fe2d6698ca07050eb4b1b3
#letsencrypt #tls #webpki #pki #browsers #security #privacy #selfhosting #cybersecurity #ITInfrastructure
-
⚠️ 𝗟𝗲𝘁'𝘀 𝗘𝗻𝗰𝗿𝘆𝗽𝘁: 𝗦𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗜𝘀𝘀𝘂𝗮𝗻𝗰𝗲 𝗳𝗼𝗿 𝗣𝗼𝘁𝗲𝗻𝘁𝗶𝗮𝗹 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁
"We have been made aware of a potential incident and are shutting down all issuance."
May 8, 2026 18:37 UTC
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/69fe2d6698ca07050eb4b1b3
#letsencrypt #tls #webpki #pki #browsers #security #privacy #selfhosting #cybersecurity #ITInfrastructure
-
⚠️ 𝗟𝗲𝘁'𝘀 𝗘𝗻𝗰𝗿𝘆𝗽𝘁: 𝗦𝘁𝗼𝗽𝗽𝗶𝗻𝗴 𝗜𝘀𝘀𝘂𝗮𝗻𝗰𝗲 𝗳𝗼𝗿 𝗣𝗼𝘁𝗲𝗻𝘁𝗶𝗮𝗹 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁
"We have been made aware of a potential incident and are shutting down all issuance."
May 8, 2026 18:37 UTC
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/69fe2d6698ca07050eb4b1b3
#letsencrypt #tls #webpki #pki #browsers #security #privacy #selfhosting #cybersecurity #ITInfrastructure
-
https://www.europesays.com/at/139707/ Vorfall bei DigiCert: Malware-Autoren klauten Zertifikate #AT #Austria #Digicert #IT #Malware #Österreich #PKI #Science #Science&Technology #Security #Technik #Technology #WebPKI #Wissenschaft #Wissenschaft&Technik
-
🔐 Wanna read about #WebPKI to feel smart? Well, this site boasts about #HTTPS while rocking an expired cert. 🤦♂️ It's like a security guard locked outside his own building, yelling about safety! 🚫🔒
https://blog.brycekerley.net/2026/03/08/webpki-and-you.html #SecurityExpired #CertFail #SafeGuard #HackerNews #ngated -
🔐 Wanna read about #WebPKI to feel smart? Well, this site boasts about #HTTPS while rocking an expired cert. 🤦♂️ It's like a security guard locked outside his own building, yelling about safety! 🚫🔒
https://blog.brycekerley.net/2026/03/08/webpki-and-you.html #SecurityExpired #CertFail #SafeGuard #HackerNews #ngated -
🔐 Wanna read about #WebPKI to feel smart? Well, this site boasts about #HTTPS while rocking an expired cert. 🤦♂️ It's like a security guard locked outside his own building, yelling about safety! 🚫🔒
https://blog.brycekerley.net/2026/03/08/webpki-and-you.html #SecurityExpired #CertFail #SafeGuard #HackerNews #ngated -
🔐 Wanna read about #WebPKI to feel smart? Well, this site boasts about #HTTPS while rocking an expired cert. 🤦♂️ It's like a security guard locked outside his own building, yelling about safety! 🚫🔒
https://blog.brycekerley.net/2026/03/08/webpki-and-you.html #SecurityExpired #CertFail #SafeGuard #HackerNews #ngated -
March 15 is last call on 398-day certificates. After that, 200-day max, 100 in 2027, 47 in 2029.
Renew now and you buy yourself time to automate on your terms. Wait, and the CA/B Forum sets your schedule for you.
https://www.certkit.io/blog/last-call-on-398-day-certificates #PKI #WebPKI
-
March 15 is last call on 398-day certificates. After that, 200-day max, 100 in 2027, 47 in 2029.
Renew now and you buy yourself time to automate on your terms. Wait, and the CA/B Forum sets your schedule for you.
https://www.certkit.io/blog/last-call-on-398-day-certificates #PKI #WebPKI
-
CertKit Agent 1.6: RRAS support, deploy windows, and agent locking.
Shorter lifetimes mean certificate automation has to act like real deployments: issue, deploy, verify. Deploy windows keep disruptions inside maintenance windows, and agent locking freezes commands so UI changes can’t be weaponized.
-
CertKit Agent 1.6: RRAS support, deploy windows, and agent locking.
Shorter lifetimes mean certificate automation has to act like real deployments: issue, deploy, verify. Deploy windows keep disruptions inside maintenance windows, and agent locking freezes commands so UI changes can’t be weaponized.
-
Is today a #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.
My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/retoots appreciated.
#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork
-
Is today a #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.
My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/retoots appreciated.
#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork
-
Is today a #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.
My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/retoots appreciated.
#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork
-
Is today a #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.
My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/retoots appreciated.
#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork
-
Is today a #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.
My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/retoots appreciated.
#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork
-
#Heise:
"
"Passwort" Folge 40: Probleme mit Widerrufen, Verbindungsabbrüchen und anderemEine pickepackevolle Folge, gefüllt unter anderem mit kundigem Exploitbau unter Linux, einem HTTP2-DoS und millionenfachen Zertifikatsrückrufen von Microsoft.
"
https://www.heise.de/news/Passwort-Folge-40-Probleme-mit-Widerrufen-Verbindungsabbruechen-und-anderem-10632694.htmlmp3: https://audio.podigee-cdn.net/2098722-m-7a844de5c304b67bf99d2ee327d88425.mp3
10.9.2025
Aaaa.. MS..
#CA #CertificateTransparency #Chrome #LetsEncrypt #Microsoft #MS #PKI #TLSZertifikat #WebPKI #Zertifikat
-
#Heise:
"
"Passwort" Folge 40: Probleme mit Widerrufen, Verbindungsabbrüchen und anderemEine pickepackevolle Folge, gefüllt unter anderem mit kundigem Exploitbau unter Linux, einem HTTP2-DoS und millionenfachen Zertifikatsrückrufen von Microsoft.
"
https://www.heise.de/news/Passwort-Folge-40-Probleme-mit-Widerrufen-Verbindungsabbruechen-und-anderem-10632694.htmlmp3: https://audio.podigee-cdn.net/2098722-m-7a844de5c304b67bf99d2ee327d88425.mp3
10.9.2025
Aaaa.. MS..
#CA #CertificateTransparency #Chrome #LetsEncrypt #Microsoft #MS #PKI #TLSZertifikat #WebPKI #Zertifikat
-
#Heise:
"
"Passwort" Folge 40: Probleme mit Widerrufen, Verbindungsabbrüchen und anderemEine pickepackevolle Folge, gefüllt unter anderem mit kundigem Exploitbau unter Linux, einem HTTP2-DoS und millionenfachen Zertifikatsrückrufen von Microsoft.
"
https://www.heise.de/news/Passwort-Folge-40-Probleme-mit-Widerrufen-Verbindungsabbruechen-und-anderem-10632694.htmlmp3: https://audio.podigee-cdn.net/2098722-m-7a844de5c304b67bf99d2ee327d88425.mp3
10.9.2025
Aaaa.. MS..
#CA #CertificateTransparency #Chrome #LetsEncrypt #Microsoft #MS #PKI #TLSZertifikat #WebPKI #Zertifikat
-
#Heise:
"
"Passwort" Folge 40: Probleme mit Widerrufen, Verbindungsabbrüchen und anderemEine pickepackevolle Folge, gefüllt unter anderem mit kundigem Exploitbau unter Linux, einem HTTP2-DoS und millionenfachen Zertifikatsrückrufen von Microsoft.
"
https://www.heise.de/news/Passwort-Folge-40-Probleme-mit-Widerrufen-Verbindungsabbruechen-und-anderem-10632694.htmlmp3: https://audio.podigee-cdn.net/2098722-m-7a844de5c304b67bf99d2ee327d88425.mp3
10.9.2025
Aaaa.. MS..
#CA #CertificateTransparency #Chrome #LetsEncrypt #Microsoft #MS #PKI #TLSZertifikat #WebPKI #Zertifikat
-
#Heise:
"
"Passwort" Folge 40: Probleme mit Widerrufen, Verbindungsabbrüchen und anderemEine pickepackevolle Folge, gefüllt unter anderem mit kundigem Exploitbau unter Linux, einem HTTP2-DoS und millionenfachen Zertifikatsrückrufen von Microsoft.
"
https://www.heise.de/news/Passwort-Folge-40-Probleme-mit-Widerrufen-Verbindungsabbruechen-und-anderem-10632694.htmlmp3: https://audio.podigee-cdn.net/2098722-m-7a844de5c304b67bf99d2ee327d88425.mp3
10.9.2025
Aaaa.. MS..
#CA #CertificateTransparency #Chrome #LetsEncrypt #Microsoft #MS #PKI #TLSZertifikat #WebPKI #Zertifikat
-
For anyone who is panicking over certificate misissuance for #cloudflare
1.1.1.1: such "incidents" happen on a regular basis. For example #letsencrypt once had to revoke ~3M certs because their #CAA validation algorithm was faulty:https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591
Name a #CA and you're definitely going to find cases of misissuance. The problem is the #WebPKI governance that's more than often just a paper tiger that doesn't impose any sanctions on the heavy weights.
-
For anyone who is panicking over certificate misissuance for #cloudflare
1.1.1.1: such "incidents" happen on a regular basis. For example #letsencrypt once had to revoke ~3M certs because their #CAA validation algorithm was faulty:https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591
Name a #CA and you're definitely going to find cases of misissuance. The problem is the #WebPKI governance that's more than often just a paper tiger that doesn't impose any sanctions on the heavy weights.
-
CRLite is a fascinating piece of technology by Mozilla to handle revocations on the WebPKI, in a privacy-friendly and bandwidth ~friendy approach: it uses a new compact data-structure called Clubcards (basically Ribbon filters (enhanced Bloom filters) with partitionning): https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/
-
CRLite is a fascinating piece of technology by Mozilla to handle revocations on the WebPKI, in a privacy-friendly and bandwidth ~friendy approach: it uses a new compact data-structure called Clubcards (basically Ribbon filters (enhanced Bloom filters) with partitionning): https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/
-
CRLite is a fascinating piece of technology by Mozilla to handle revocations on the WebPKI, in a privacy-friendly and bandwidth ~friendy approach: it uses a new compact data-structure called Clubcards (basically Ribbon filters (enhanced Bloom filters) with partitionning): https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/
-
CRLite is a fascinating piece of technology by Mozilla to handle revocations on the WebPKI, in a privacy-friendly and bandwidth ~friendy approach: it uses a new compact data-structure called Clubcards (basically Ribbon filters (enhanced Bloom filters) with partitionning): https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/
-
CRLite is a fascinating piece of technology by Mozilla to handle revocations on the WebPKI, in a privacy-friendly and bandwidth ~friendy approach: it uses a new compact data-structure called Clubcards (basically Ribbon filters (enhanced Bloom filters) with partitionning): https://hacks.mozilla.org/2025/08/crlite-fast-private-and-comprehensive-certificate-revocation-checking-in-firefox/
-
Within the #WebPKI, the "common name" is widely irrelevant afaik:
https://infosec.exchange/@pft/114745413874521644
So the question is: what are the circumstances that can pose a security risk if IP addresses are included in the CN field.
-
Within the #WebPKI, the "common name" is widely irrelevant afaik:
https://infosec.exchange/@pft/114745413874521644
So the question is: what are the circumstances that can pose a security risk if IP addresses are included in the CN field.