zero knowledge posted:and that’s exactly what’s interesting here: isn’t it a big honking conflict of interest for one company to run both a CA and a root program? — not just that but THE most powerful root program that de facto runs trust on the web they're also the originators of quic which has language that's designed to let them make tracking people much easier - and it's already being used plenty and will be adopted more, because it has some of the best features of sctp, while not requiring a complete rework of internet infrastructure.
|
|
# ? Apr 27, 2024 12:37 |
|
|
# ? May 19, 2024 14:49 |
|
okay made the larger analysis public: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/J3aX8OKIT_A/m/xB723PIsAQAJ
|
# ? Apr 27, 2024 15:51 |
|
Wiggly Wayne DDS posted:okay made the larger analysis public: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/J3aX8OKIT_A/m/xB723PIsAQAJ also appreciate your summary of entrust: "refusing to revoke in violation of BR and their CPS" really making it clear what's going on there
|
# ? Apr 27, 2024 15:59 |
|
Antigravitas posted:It's not going to happen over some typos or missing fields that aren't critically important, but I can absolutely see the EU deciding that having rogue and evidently unaccountable CAs trusted on its infrastructure is not in its interest… step 1 is to mandate that browsers deployed in EU countries shall include government CAs in trusted roots. once you have that, "do we really need the others" is just a small step away. the wheels are in motion
|
# ? Apr 27, 2024 16:03 |
|
Antigravitas posted:The real question in my mind is the implication for the self-governance model if an organisation just refuses to be governed by it. If CAs can just ignore rules without consequences, there will come a point when a nation state or supranational organisation will decide that the model isn't working. yep. i don't think it is any exaggeration that the self-governance is on permanent thin ice. that probably means both that things will have to at least *appear* to work better than this, and, very unfortunate for the entertainment value of the thread, that just cold turkey distrusting can't really happen. like if the self-governance breaks a bunch of poo poo it probably starts being discussed real hard if that is how things should continue, even though the action itself was by the rules.
|
# ? Apr 27, 2024 16:22 |
|
redleader posted:booooring spankmeister posted:after 600+ and counting posts of this poo poo there had better be some blood at the end i lust for CA death
|
# ? Apr 27, 2024 16:28 |
|
Honestly, I just want a walking corpspeak generator to actually experience consequences for only spewing bullshit instead of attempting to solve problems or (heaven forbid) admit that they made a mistake
|
# ? Apr 27, 2024 16:35 |
|
|
# ? Apr 27, 2024 17:50 |
|
Lolling at this thread, especially this post
|
# ? Apr 27, 2024 20:04 |
|
|
# ? Apr 27, 2024 20:14 |
|
|
# ? Apr 27, 2024 20:32 |
|
|
# ? Apr 27, 2024 20:33 |
|
buddy, they won’t even let me revoke certs
|
# ? Apr 27, 2024 20:54 |
|
|
# ? Apr 27, 2024 21:14 |
|
|
# ? Apr 27, 2024 21:17 |
|
|
# ? Apr 27, 2024 21:24 |
|
|
# ? Apr 27, 2024 21:25 |
|
sitting in the tram at 11:20 pm Saturday evening laughing out loud at this post getting weird looks from my fellow passengers
|
# ? Apr 27, 2024 22:19 |
|
|
# ? Apr 27, 2024 23:13 |
|
can we make an image the thread title?
|
# ? Apr 27, 2024 23:15 |
|
|
# ? Apr 27, 2024 23:34 |
|
spankmeister posted:can we make an image the thread title? Goddamn do I wish. Someone can at least update the OP.
|
# ? Apr 27, 2024 23:49 |
|
|
# ? Apr 28, 2024 00:02 |
|
|
# ? Apr 28, 2024 00:38 |
|
please help, my family is dying… revoke the certs No
|
# ? Apr 28, 2024 01:07 |
|
namlosh posted:please help, my family is dying… stop spending so much on being an active participant in the ecosystem and advocating to your customers for certificate agility
|
# ? Apr 28, 2024 01:09 |
|
lament.cfg posted:buddy, they won’t even let me revoke certs
|
# ? Apr 28, 2024 01:30 |
|
IF THE CAB DISTRUSTS ME FOR CONTINUING TO ISSUE CERTS I WILL FACE GOD AND WALK BACKWARDS INTO BANKRUPTCY
|
# ? Apr 28, 2024 01:40 |
|
pre:D E C E R T I F Y Y O U R S E L F A N D F A C E T O W A R D S B U G Z I L L A
|
# ? Apr 28, 2024 02:12 |
|
Volmarias posted:Honestly, I just want a walking corpspeak generator to actually experience consequences for only spewing bullshit instead of attempting to solve problems or (heaven forbid) admit that they made a mistake
|
# ? Apr 28, 2024 02:26 |
|
Volmarias posted:Honestly, I just want a walking corpspeak generator to actually experience consequences for only spewing bullshit instead of attempting to solve problems or (heaven forbid) admit that they made a mistake
|
# ? Apr 28, 2024 02:45 |
|
░R░E░V░O░K░E░D░░C░E░R░T░S░░I░N░░B░I░O░
|
# ? Apr 28, 2024 04:45 |
|
gnatalie posted:░R░E░V░O░K░E░D░░C░E░R░T░S░░I░N░░B░I░O░S░
|
# ? Apr 28, 2024 05:09 |
|
gnatalie posted:░R░E░V░O░K░E░D░░C░E░R░T░S░░I░N░░B░I░O░
|
# ? Apr 28, 2024 05:29 |
|
gnatalie posted:░R░E░V░O░K░E░D░░C░E░R░T░S░░I░N░░B░I░O░ please file a bug for non-conformance with the TLS BRs
|
# ? Apr 28, 2024 06:16 |
|
actual lol
|
# ? Apr 28, 2024 10:38 |
|
oooh part 3 is up: https://webpki.substack.com/p/entrust-considered-harmful-part-3
|
# ? Apr 29, 2024 19:08 |
|
notable highlights i think should be noted in there imoWiggly Wayne DDS posted:2020-08-12: Entrust: Invalid data in State/Province Field
|
# ? Apr 29, 2024 19:24 |
|
Wiggly Wayne DDS posted:oooh part 3 is up: https://webpki.substack.com/p/entrust-considered-harmful-part-3 I love these, thank Amir for writing these up in a public place. This is a lot more shareable in professional environments than this thread.
|
# ? Apr 29, 2024 19:25 |
|
|
# ? May 19, 2024 14:49 |
|
Wiggly Wayne DDS posted:2020-10-23: Entrust: Subscriber provides private key with CSR lmao
|
# ? Apr 29, 2024 19:27 |