[Semibug] Article on TLS
Jonathan Drews
jondrews at fastmail.com
Sat Jun 3 00:07:42 EDT 2023
Folks:
This is some interesting information on Transport Layer Security.
----- Forwarded message from Aaron Lopez <vieroninfo at gmail.com> -----
Date: Thu, 1 Jun 2023 23:32:30 +0200
From: Aaron Lopez <vieroninfo at gmail.com>
To: Jonathan Drews <jondrews at fastmail.com>
Subject: Interesting information for SEMIBUG
Hi Jonathan,
I forwarded an email of a newsletter I subscribed to a while ago. It's
about TLS by author Ivan Risti??. I found out about it from the following
link in the FreeBSD handbook:
https://docs.freebsd.org/en/books/handbook/security/#openssl
I think the newsletter is very interesting and think it might be
interesting to share with the rest of the SEMIBUG group (maybe someone
would like to subscribe).
The other link I think might be nice to share is an interview on BSD Now to
Michael Lucas. I haven't heard it all but Michael starts off talking about
the OpenBSD book on filesystems that he spoke to us about recently:
https://www.bsdnow.tv/507 . I think it's very interesting to hear him speak
with the guys at BSD Now.
If you think the links and information I wrote about might be interesting
please feel free to just post what you think is relevant on the semibug
mailing list.
Kind regards,
Aaron
---------- Forwarded message ---------
From: Feisty Duck TLS News <newsletter at feistyduck.com>
Date: Wed, May 31, 2023 at 1:02???PM
Subject: End-to-End Encryption under Attack
To: <vieroninfo at gmail.com>
[image: Feisty Duck]
Bulletproof TLS Newsletter 31 May 2023 | READ ONLINE
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2rYwg7oTZcmsbzgEZUhrT0qjW9Mafl15P-2BgykpzrNixEnetbUCEmpzF6zDNZ85-2BB2SnUuK0NQA1fWNny-2FxNFKPIsWjufnD1FaS1iE-2BRS0H7eYA-3D-3DzJIn_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXOI-2FpyB6ww2oVEdDdQIpR0ewKmLlf-2BQze409hvMO4056uUeIzLLJubCExJfEf3fbQRZt7XOecjMDwwrdrNuxiI54ZbzNBYzumGiRVyrD-2BX61qc4GIVI1MIPbPfmPMAa4pW0ZFXBEp2G8ODyyM8alLMeS4uTNi-2B24f2RU5wj2JEUe4H7G4C9GQamFakTOX63p0-3D>
| UNSUBSCRIBE
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2raBDFOJaEVDaQJtNcrmICd0bBLe8MX6D4-2BEDWrD0KeFpoRk3clNgjpWP-2Fj3xUzf01-2FeiGgHjtcDObGLe7eWi41lSZ41h4ozgpHHyHzputyZLg-3D-3DHHYS_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcVVMIpBaVXVjLdw2sTwguXkrHjPIcFhZgMbgDc0UiDQLNfP-2FmmZgSG97pqixS5n36tVRRznLmzB6QwuPvTvwBslGh0L42BMFASeOfK9AXg3lhzJ8HT0jvQLoxovDLDQDgof2Quu3njpuqGDObSNmpxAB3kI-2Bm3zAWIMse3zMsl2mtaCI0-2FGBY7gfBTsJo37Wao-3D>
101
Bulletproof TLS Newsletter is a free periodic newsletter bringing you
commentary and news surrounding SSL/TLS and Internet PKI, designed to keep
you informed about the latest developments in this space. *Written by Ivan
Risti??
<https://sg.feistyduck.com/ls/click?upn=gEPhzKDJApJgIOCT9B2LtZqQFE4GmEOZnPEF3K7Y16yK4PQsT-2Bryh55Rpwu4mWFoSLGt_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcX-2BsB7e2WFTvN2L1n0qRu1uEF1XFFaKpgrn1P3XLPEaot73T-2BTCuq9yJGnu8Ki1YFWWxY-2Flcm4OiqLuo1fn6CvW3DLhlxYb9jiHUD-2FPDpMtaOZuvAyIAxyKmpzsQ1V3CKVJHw7vvjeqBQ4j3a68DprSt5gR-2Bk8hGqPH18IyLSnCEfU62Eul7KZFV6qP-2BjL6PIE-3D>.*
Practical TLS and PKI Training
Join us on this remote, tutor-led training
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2rYyzmuJLSkejTzI6eyg-2FfJ-2F1FLuvSmkHjMNFwXDXmcasA-3D-3DhdlG_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUXz5-2FR7BOimFHTwV3kVqHswa4EJ-2FOIviahZUDrRMzP-2FYoTCUSvPL-2FrEUXJR0jYsVUn0zbjpLi0DIVr3a9Au-2F21WwVGkQ6RktZZ9BL52Q3fh-2BHQgSYd59BnuYwUBoZNNvLRuURK7iJMLDx5fWQDZp-2FUfGGsJmff7FA-2Fqjfx4lko2HFAqW8uocu90H0QVTlybkA-3D>
that covers the theory and practice of SSL/TLS and Internet PKI. Four
half-days, packed with information. This practical training course will
take you through everything you need to know to deploy secure servers and
design secure web applications. Based on our book Bulletproof TLS and PKI
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2raM7WBfFMD2w6477KWDk0XeXf12W2ZYnuEP-2BCHoB-2Bz6ZA-3D-3DKmKl_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXHrs9L-2BiPsVfnF0uR1tfWuHpON3KDZeFapmPCZEjhAZ3OxmizIpjzmjePx9-2Buvt8ZSesPgUp2qCl3kmi01arU0IGMBsbOcxUm86FJc-2FzFBkEA7r73SAo4tlzRrJbJDayINFFuyv-2BKjE6yhQ1YFzZM6-2BBjYCf63tetWJ7hgyrqIDB6gyK55Utlyb-2Bjc0p3ohzU-3D>.
*Next public training: 17-20 July 2023*
End-to-End Encryption under Attack
For many, fully protected communication with end-to-end encryption is the
ultimate destination of communication protocols. It seems that we got close
to it in recent years, finding the right combination of technology,
usability, and public awareness and popularity. The deciding factor was the
paradigm shift of transitioning to mobile devices and messengers for most
of our communication. The latest applications are all promoting their
privacy-preserving capabilities in one shape or another.
These developments have not gone unnoticed by governments worldwide.
Improvements in the security of network communications are detrimental to
signals intelligence (SIGINT), which is at the cornerstone of intelligence
gathering. A decade ago, most communications may have been in plaintext.
Today, there is less and less data to consume and analyze. As a result,
governments have been working continuously to find new sources of
information as well as embed themselves in the communication channels.
This month, for example, it came to light that the European Council continues
to discuss scanning of all interpersonal communication
<https://sg.feistyduck.com/ls/click?upn=sKXf4jkIV9K5pbJQQwU9SHZ-2FvaiD36BNE-2FFQt50ORCNE4YGi47w644-2FG3SDWzQmp7BkGPnQncPYpkxUksAKffOothiE6KCxbYT0pUdvIYIo-3DHCYQ_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWJkUO1E81eMKKzmu8gQAXt74Mw3Wu49YbvRXCqRbfAAaBAnJF4X4Xv48MbLr7CvDbiQFW9jZKGKqfU8NbopLrExeSGfFYWwsg9yAfSULnWri2f-2FW0J4QaUtSQxRMsiKmyqE7Rk9l4EQcLFXvgDk-2BrhR2bQBGO9ozxHTyW7CbX-2BoOolH8aaieaIuW9PPcHFR2E-3D>
and is also considering expanding the scope of its legislation to include
audio
<https://sg.feistyduck.com/ls/click?upn=QYYUL4JOY0XXJkHSrICEX2ItdvTn-2FEN5L6cM3QFVosbLBpkfF8CE7r5vdNP7BNX5a7yJpjk5Auic894vKgFWzadQlXWTbZxURvhOEjRUWMg-3D-4g-_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcU0lfj5B08ZLUQOLT5mUw8jRnBxnA9Wt52-2FleXlkfDyWTAPFUDFzzDZbI2iLBoQcuZX9sosSibl-2BMPmlCRz1LQP8zjHNs-2FLw6eNM3l3YLW4bqEfEQcpGUJdszlfwAiC5NP7fhAtg2cUtYMacbOYFePHJ2H9GjiftEXrcvOyxUIu7lcrCtmNT0euFBzchzd32c8-3D>.
This came on the back of leaked legal advice
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQOARiEMvsb4GOxlDFKdwuV-2BkefMqNQCMoMd4lW9LYqoU5EPQSD37Jqg3uEDzi8ahByrjCufFX9QeIoy7WpcWFkiBOJfXo6B4x9EhiP6HPwBc1ybzHXYThjReu9ih-2B4-2B86EoaKcdySBcWwv37Fk9nzIuAsVeSVw2NAaxqYNe-2BEtmmODgDyu1Wtr9mhgVtUOvTNg-3D-3DvlvO_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXZxHdy-2FrcO5IDfsd7JKGuk-2BNqPHZ7arwB-2FDwIqeEFAKlzg1JwEqwlcPci5Gtq7F4zWV4sdD4F9XUR6AHOJwSPUf-2F1M9hyUc4wAOS0igXvKx-2BKU-2FdwRiEtqx5gkfugfwm5p8-2FuobNYVUTGdjWZQZar7hywgEAAhdTQZDHx0uZ22IrnPUHfPgNCdBrsjmqwBIt8-3D>
that highlights many issues with the proposed plans.
Ashton Kutcher apparently spoke to the European Parliament in support of
client-side scanning of private communication. Who knew? Cryptographer Matthew
Green is worried
<https://sg.feistyduck.com/ls/click?upn=gEPhzKDJApJgIOCT9B2LtZH8dptinrO6fYAPo3dKk5k9-2FdSHEnXt-2B3XgNHz3dc8rFoBY1lJmD4Kg1-2FQWkmQFi1UXRxKgDUQGDYnAhGOh07AYGTuGnjZ5EsYFYwObEJ89HZsLxR3FHdPEPgqWAUxoKw-3D-3DdSgg_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUVgdyDFoMCoQCvEmsJqQO1sulXGe8Z6B7iddhQBr3SbTPvCIoIP0ruo1ezCcgHOfJcilnfAKdorw-2BQtVtP-2FsPWkgOhakxvdje6LbODGdOlBOHSvgelTNHVeZHlGbo3c-2F1dk2TkCufBklDDhTmt25FiCX1tDY9kHXtPFITr2aH81BUZKeiJsOeijuPrqL1XAqo-3D>
that politicians won???t understand what the proposed technology can and
cannot do.
In the US, the STOP CSAM Act could make encryption illegal
<https://sg.feistyduck.com/ls/click?upn=ZY1kZgMqNH-2Bs4J7uJf7QZvAI51om73xeEFvWZF0DwiSJCAXl5XIg-2BgRzQFZFjdfXoj-2BX7Rvc9B1oaM6R2UhLAH-2BjYNvQrO3HGkdDa6i5vzL4N2-2BGHZdlmsD1ALWEGb4Fgudj_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcVhNMVd9PbPfUQIC92bTL3dsU9BjcP84husVkohu4bK7x0FVcW8Lc1v30e6bwTMtax2P0d2oRLr0bXAy7Ph-2FfdSRxHx2iwkTmLDsUZt3LSWLvVx1sj1NbHA-2BByR98oFFbTPxrOa5506aizDDNhTApk7ZoAT53-2FUjuLGmNBw1VvkKmckIaa2or5mNCorJm8rwmg-3D>,
according to some opinions. According to leaked information, EU and US
officials held talks in March and agreed to jointly pursue lawful access to
private encrypted information
<https://sg.feistyduck.com/ls/click?upn=PHuysGV0279eKytWXqhf-2F8m95XFWaHS9VU-2FsRm-2ByAfrsrkqtyTTldSARppRBSKhv0qr5Ap-2BofREesvCfeNI3YGmUVv2Rittqf1o1-2F0NN-2FTVQpqP6FIc-2FXs2p48ayhWvybVZVCdyKWs0KEB2gt7kIVkKP1OHONQsJIz2e7KMAUsuKK7ixp9Ax-2FxRDIAzgcOZhcTzlJ7X5Zz3RSQwZT3BK-2Bg-3D-3DgIGa_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUU8uh-2BIfV6MrXixIf1uZT7g49Id2Do0JMTPxhzVUC4jIjuFmSmcdMwR-2B-2FWPPvekDnSv7m6-2Ft-2FSlw4o1vD8AODLYJ9Yx0frC-2FVRiGhAz7XYm2aPZLwY1IoyK-2FuM80rThyokEpiW6NVbkS0TCRVI7AcGeFWDL-2FdBfkZjXjdi0TbDbaRl6Mpj-2BivIYIIFjOjWvPo-3D>
.
If you recall, last month, representatives of leading messenger
applications wrote to the British government to oppose the Online Safety
Bill
<https://sg.feistyduck.com/ls/click?upn=K-2Bw44POCt7wDKFxkrz4b-2BhrTpeTcmcqkxt-2BCku7ndbwUCExk-2FE2790BM6hx9hDpA6y55e7ky8enr5g3VBnDCpw-3D-3DqHK6_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUGzkRrjmqZlY-2B8twMTaeXoHNCsJ59cm5b5E04VY-2B-2B6Fudz7PeqB7s41xfx-2F6ZMBVCIIAQY7XD1FXB1cRywb0dtDzLu-2B5LU2aGBEKW68gRHj7wvmH3pZV3YdbTSTmKOFE-2FegtrmMcS-2BY2L1UsuVRWxd3K5aTTBLxuAYzGHD-2BP2NTLMh6BBh1qaL76wZteJum44-3D>.
In India, messenger applications are already blocked. This month, Element
became the fourteenth messaging app to be blocked
<https://sg.feistyduck.com/ls/click?upn=2JBYe9wmS0xNhrv9sLSe02y88zCjOvXpy-2F56KA8NIL4l17qoHwzL6e1p72dJ5y-2Fg6q8VWe7Z9423lWt88CGmkFSItUDUP8SRtB3fABAs-2Bbb4XH41kWC7xgRt51AZTg-2BSqgS1_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUphgrBlK70oqTCk8yadGs3icBTOdAEmbEqCJUfDU5Lksvl2W34LbRj5T1teW9nBkpwI2wQ-2BCQGudTiwbu4tT-2BaooQ2PoRESgNPby90abm-2FMHUaCrkbTYnw87vyKb-2FkfvAApYMCQm5iw7JthQprafDsoZwwlaxSC6Ab1UIB6m35Uxqors6-2BzSPULreofZUViGI-3D>
by the Central Indian Government.
Short news
Here are some things that caught our attention since the previous
newsletter:
- Google has proposed
<https://sg.feistyduck.com/ls/click?upn=jrKNqtqMgx8exsXpf-2FZVFWxL9jwuJSyDPN9K1HcNlqantyeXaxFW5eOJ1mjnkHOv2yWvDdDkbX4HjtRcre5wEA-3D-3DAa_U_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWdetEbgnqnej5mh-2FCPUu799KGZ0ADeiWgKIX7a5OA-2FdPqDhyxhWj4hq-2Fd-2F1CAmZJcjKufIpn0ROT-2FBY0tpTIDX4H7W2GT5H6eb7gG-2FuDSApuDfhcENB-2BIFCKUg3tG-2BcqxmgJrvgLImAjJ7rbikOyfvpptc4qjNGrW-2Bzqm-2FOlAYp-2BjCoLXBgr1DuQb3JYjiqTs-3D>
introduction of short-lived certificates, making CRLs mandatory, and making
OCSP optional to the CA/Browser forum.
- A group of researchers measured the performance of DNS over Quic
across multiple vantage points. They found
<https://sg.feistyduck.com/ls/click?upn=babvpbOPZb3iR6AvhcnFT0zXcs8kFd6XP7YsbpczuOCnDQroW4KqHnlcV3xHYQATaFt7_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXcX3zxI9sdA0pjRVAzQq-2BWoRj3tSdarCv0PRZwNEpD3STXrA8qIfIwcbUF3ye6aU6VjaMsTEagoGalziYUJjjLnqglIf329ZFv1aADsGduRw21qU2Jw0bo-2FEMWTy1GIevpOEewHVm6qCKG2LudVT5msKQQBohfgWc6ztVmuopXs26uwL-2Fk7xEcKznaf6iSIJ0-3D>
that it performed 10 percent better than DNS over HTTP (DoH) and only 2
percent worse than the dominant (but unprotected) DNS over UDP.
- After MSI fell victim to a ransomware attack, its code-signing
certificate was leaked
<https://sg.feistyduck.com/ls/click?upn=K-2Bw44POCt7wDKFxkrz4b-2Bg4Frg6smyHFy5gUnb8y9mNTKDp6L5ML1WLwonMKfbwF8Mtf9b6YevliXVIVFCKmqH0k4OlPfCmxKYLcQpcDi-2Fdjw07x6JIWGsnOk9SS0ZjV7SHx_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUZBSM6qbizsl-2BjauNrvH9HZOdsVrbMHfitvfWZ4ahCUnB89HCDzWcH7kqqN-2BBk-2FAmv6tsHsj-2B68DUAgz-2FXshlsBD9DwtCYf71Wd3S4y4S9fKWsaUiYvJPcElDeg11BoJ7VYDTpoK6hAD-2Bq3R86gGMNI2BSfEuwm0DrQSy3DrtIa78NeglBTusrtPN5yfzt8y8-3D>,
opening a door to new attack vectors.
- In a series of tweets
<https://sg.feistyduck.com/ls/click?upn=sKXf4jkIV9K5pbJQQwU9SED4S1F8KcdARTg-2BLTTYB1pL5h-2FC9D6PTskO9fkf98viLMLahHxBewxVwKsUfLSD0g-3D-3DVLbk_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWdGr-2FdMtpWXOX5-2BgJrvOaogRm-2BTmK-2BiTCT6uqA0I7zwkD2XfY7kwuzl2RjYPruR65lVm0GIKzUxQJL1N4ZeepHn8GZmk8EexbAnHLyqYlwgSOlAUWzufpK7vP9tlbo-2FjUyWcXQDbdfpSK35HFKc2AemxRkc-2FkdgS9slHblyn8q70Xop7MsClpkMgCwCbxVwIQ-3D>,
Jan Schaumann looks into how Certification Authority Authorization is used
globally.
- Anything you publish online can potentially become a part of your
public API. Google has been wanting to shut down the v2 version of its
CT log list
<https://sg.feistyduck.com/ls/click?upn=9D6V-2FqaK-2BuRBJ4c7RRL1TN4xr4mf17p1tOGCEbF3w2rLtta3Fl-2FgkNtoxdQat5YS0R70hVUBfAzdNxxgs3lD5HczXrs7JmI99nPnuIwUuQHT-2BVoS1cvN8TGMrs13BComI6c8_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUovy4b-2Fg1QLFCXzTwYaS3ZPblJ41EZF1niFkkFCygE2zL23pDxyVuUhQOfWh4DjxhcFogfC-2BKHJIMz-2F6LT1J-2FQVg9R-2F5NPg8TdR-2FIyiqXCbQR-2FtyZQ9yXuvoI6zw-2BQMZQyPpK1QordEpxntQFOzudHe1FAr-2ByTGihD1in1nLPVN3nRYHu2IMujbJh-2FvLwKkW4-3D>
since August 2022. Unfortunately, this hasn???t been easy due to the fact
that there is an Android library that depends on the v2 URL, leading to
many apps that will now need to be updated. Some developers were not even
aware of this dependency.
- The *Security Cryptography Whatever* podcast spoke to the team
<https://sg.feistyduck.com/ls/click?upn=-2FBbPBHU0p29LpcmC9wIh8LIfDvBN8LV2X1KH2Fagup-2FoDyI7078oGKo5kKN-2BR-2BOTICRKbl3WQubMGgzCsV-2BnQsOjsQWVIozQAbkdIxIFkFIVyChzOO54xGTC2nqKTGjbPU0b_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcVnTiY-2B2PdKEgI5yTvLJ0wqaugjiHfiD64SkVEpHOFRwYyzUQ4BKyLJNcE7lnm68XB8se4Zrmodiael97IFGCYgxGjE4-2Fm8CrExCb1vXs6kwaPHPfBzY52pX14-2BcXIPI3t8Cw1qwUF7Kd5xuiOiZ2TOcJ-2FTV6Wv7rFWjnn8sUkIdxysM7cAuIhGmmNSZY8CdaI-3D>
behind WhatsApp???s key transparency.
- The *Trail of Bits* blog reported
<https://sg.feistyduck.com/ls/click?upn=gEPhzKDJApJgIOCT9B2LtUaVt2ekjCh0OSC6RpaU-2B-2BX1vaEFGzcXUh2tEIfhZ0mbwGdeEZlRmKHwuJppUN-2BOQBx5BwWA-2F-2FD2I7tAuQDznak-3DoieZ_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcVoRu-2Bvhjvu48HRhK2UGo4vcMHdCcLD4f0I55uVkUWLy8iDbwbK9Ri6CqkQZzA3YeDnOvNZN2Kyv3pf5rSQR2u0oD80re5Qo0oEqcd4apdC28uskYPNw2QIBMXSJFiL8gntSwsn7qS-2BMw-2FIph3wbNkgpQphrPwDkJFVYbN0cXnDG4DY751uxz1OrdKtkTdd3eM-3D>
on the recent Real World Crypto Symposium.
- Twitter launched encrypted direct messages, the security of which is
lacking
<https://sg.feistyduck.com/ls/click?upn=sKXf4jkIV9K5pbJQQwU9SIJHTZz239-2Fnxc6M-2F-2BSB8lgtK36W6fnCzsuMLhLslmFnbKASxs5XpIisrxavlC8TUQ-3D-3D4rX1_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUgcIP80uxeCrEpHahec-2BlOZ-2FMF7yGYKFuk2lQGdWQmXACwwswh052L4E3s24TSQwp1CDcXh0APDnDrPL27OcLDhGnCful7Y0tg6TSSb-2BqO5jbHHiAmbDw4md-2F1d-2FUtx5XnS8TCEeRfdcXT9WZBv2BFJTwTvZiM4XFb10PGW3ze4T3IwT8jDZVCxhrHPPd2cow-3D>
compared to the current state of the art. They offer no forward security
nor protection against active network attacks.
- Matthew Green wrote about pseudorandom functions
<https://sg.feistyduck.com/ls/click?upn=gEPhzKDJApJgIOCT9B2LtZH8dptinrO6fYAPo3dKk5k9-2FdSHEnXt-2B3XgNHz3dc8r3-2FkkH6LNEPFOdfW-2FvY5rQJNfIAgYLyIlqTCf-2FsmkbkYBRaZLmer-2F4BDQSSRPDW3ent_y_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcX3MiFETNPMbVhzsW7ttWAm2YZknFt2VyqvTnaUUAuQ2j-2BkMqp4OKL9oLpbHNiNTMqdnM9CwNDytPGr5tU0dEpiVJZ4Ga1SqBy9oYwkmZ3OWPH1NN-2FKeh-2F5RvKgweoT7NBiOLMDcSUJ1j9595A5TwDnB2k7Zv9ty9t7DxtT9lkThiLf9JCUDDSyopcOinBiEUQ-3D>,
an often-neglected primitive that???s critical in cryptography.
- Did you know that there???s an implementation of TLS 1.3 in JavaScript?
It???s called subtls
<https://sg.feistyduck.com/ls/click?upn=jrKNqtqMgx8exsXpf-2FZVFUuvbJOGpZNHWzqB-2B0Zf2IBWm7dgcy-2F75sRHt3BGAn-2BmOBdC_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcVqcTCBXO5jKrEf-2BfGd24esGMRIGEXfH00zpwBSzfSLifFUcz2wuJyihZk6LtxQnL3rr401lE-2Ftwz5S-2FwQETI73mYMmw-2FTzDtz0knIO9x0Ivm7qZl0-2BbLVSBrA-2BjSKfu0T01YDyEzHzuQHZqveM8vcWztNaQzbYgW05DZbK-2Bbe0bKJWgosqrZLLKr1T3BVWgOc-3D>.
There???s a very effective demonstration of the library in action, showcasing
a web page that fetches itself
<https://sg.feistyduck.com/ls/click?upn=JAUIlJIP2mUVkpo4gAI9CiDy2wmUVICJPd1YfS1BOO4-3Dpes3_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUNdbK4FfyjG5500LBgUEDO3ZAk8-2BnIY4HCqC5j55G1a899qGqb-2BiYmOzNFrDLzpK2fuCfnMzqkn7Vxz03VtQtWRgP9E-2FWwy4ZhgHZ3hOi1bu4LyFIlAUyCS0KPsCExhRQs5uKmXPGN4LuE4yucctgTbG64Na5siA58vzXgNKPwgWaYK3HTt4ImrY26TMlDYOU-3D>
and showing all the diagnostic information.
- Certify Certificate Manager, which provides management of ACME
certificates for Windows, is about to have its sixth release
<https://sg.feistyduck.com/ls/click?upn=KwGr1IWdp3TkvKFApkBN-2B89SMK557i3PuGzVdhSe9sWdB210rbfttF9Tmz-2FDiM4-2F22gs_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcW0rosJn2Jgg4O8JA9mhEiWHEponyPBwQVFTkNZFp94wnVwBah4ExIZZvMmFm6UzGOvOfkI9Wwr-2FTrAJT-2F3MDvFwL9VLG1XVIWGv-2ByDW8WEJMGX7OhhyzmYJtRV4pW40uRy9z4y96CYLkVeHhYiOI-2FA7qarSg-2BhyWaroReXUnpDAvl-2Fb-2Fl-2FuEYnmraJMAd0tXU-3D>
.
- Rustls
<https://sg.feistyduck.com/ls/click?upn=jrKNqtqMgx8exsXpf-2FZVFd0vc8hhREkAzqsfM0rXgr1h1P0eqy1eYLq55JXCDbilw_z9_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXS04egHjruTFa2HyN9SDu9eueHnCm5NmzieJweCUz2jXrD2v3v0-2FWLXLgoXMIi3z0vOXWCnCZKcqcQxpgAlMWGpctzps6YMKaq9m7HdwtTf5iSGtr9Ot2UJQOcaLmt7Qu92bbf-2FzG4t34UTb4cD-2B3s6DFaO8Qn0cCJifelKUyuUowfN2Mhly7FStSkjUesgRY-3D>
is a modern TLS library written in Rust.
- Neil Madden wrote about hash shucking
<https://sg.feistyduck.com/ls/click?upn=Wy-2FRg-2FovmAByEyGdvlNq-2BPdshfCZ1-2BgkZAShdO0E54kbsyNO96Kxo7PKcuAAuKWjzwtPTOfxEXfiFjqmJN8AWSpL5nqCVetQS63zOh4ItRE-3Dnx6j_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcXDmioOnd-2FFLFirOHvSGyLOpvCAJUswBnNspATlXvX41Q6F4zWFfwNeh5rOmOgHAnf7llqciXHibR31Klt8G6thlbd-2BKG2Kmg69ApkaJYTYE7e4ysY3tnKr6gfApHPOimFnwkYDATK1JSZHW5fSczXYDl4AmUODl-2FJxr-2F-2FOtV-2BrhWxbOgbY4HNhCX5ItMnopZc-3D>,
an interesting attack vector against certain password storage schemes.
- NIST is seeking comments on its project
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQM-2BRqsjpzcqCXkfWzIadFT6MTcVANrRG0xiW-2FRXKhtslWHFQdSzl9PV-2FziA0wbFciVfw-2FJhAdCH4cswRbSUuY6o-3DqzAj_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWe5mKWkb0mP9xK360K-2BWeKsDM7bxS8UFdt7BvMXfYAXKKexYmpQhEbXsJXksop0YsdAopHx2FT0b7kO0p8HnZG4RuU6wVQqk6YSi-2FzvSMbX3-2FbsrQA0FFxDUKsN3dFng3yWPsAfnOuUM2PDbvhmY-2BDHlb-2BvjLLPkUC-2BbOKkBJjOsfhO0-2BrFGQFbcZCtDrqGjs-3D>
that aims to standardize controlled decryption of TLS 1.3 in enterprise
environments.
- In response to the rumors of Linux???s disk encryption being unsafe,
dys2p published a detailed analysis
<https://sg.feistyduck.com/ls/click?upn=9k6uOeIlufIzG2vBzMpWdJOFhuREtd50pvMBbfpPdddBw3fpNh7lILqSWi66-2BZCGKQMnHI6B6cmlYl66-2Bmw-2Fdg-3D-3D7pxg_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWema6RdVLTiauWh-2Bg9UPf9uX680TEzZY8PUPqTYdFuIMt6qTiTEkcjUz3g2Gs9Ie3yEsvEGbrsiEHB43CsKprvkhj4UnIGZMa51-2FLyHEiMpL1c8Nkg8vtA6zuIAphSd48ZGpawxUA11IFz6WNX56myU8cbwQ-2B-2FRPFdMthTgh836705Qc5sG09FucoP0QT8MDA-3D>
.
- RFC 9399
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQK9D2Wf1xcdAeAZop1osQ2ttZ4-2BrN2EA6l0GdOtpU-2FAtBE8T_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcW8A0G1Z9wcKyKP66c-2BleMIHfXCZzXCGPb5lTTBxkXyv4USy4LwXs3tXVSVsQg7vkNl-2FIZvhPDviQNi31oxZ-2FacATbxfX7V5ZGvXqe9P-2BninfHJ5e-2FfrpWxibnzlWecf84rvDQtlveG63hAHSjKgYVdGtiETrPnfUs2SEyh2rEtMUeXFCbUitt57ppf2gwd5ZY-3D>
adds support for storing logos in X.509 certificates.
- The Chrome team announced that they will be removing the lock icon
<https://sg.feistyduck.com/ls/click?upn=gEPhzKDJApJgIOCT9B2LtcALqGl83Lt-2FelBM4jg-2FpeY4dvtbBbT9naQI2bmfpcfudKJQiauRuPf97azC1uTLginn2ytX1J8KuDPjbZUEXvE-3DjutD_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWCO1S4Ed3eShKV81CZEuSkwEb4UAjdV5OX-2F1brWzYI-2FDT2b59wWOcnInVV63sDj-2Fa9MDwp3hzaSjxb7822zwKJrwNUecVbzXBxak-2FT39Xmd3F-2FfpNLxzaZK7-2BdVsUr46yRNUk9WJF6oQqFfn5bArsk1aHaaXQOb3EpakrG1KgT3wp4UobOx9ihlW2nZWCrIag-3D>
that indicates retrieval of content over an encrypted connection.
- DigiCert released Corey Bonnell???s pkilint
<https://sg.feistyduck.com/ls/click?upn=vbWOichPeinPwY02LUj4XRlJcDsP-2BHuy-2BBrnJ9cVrihCA3wm8eg00aFUSvuXLKQw71Yb2-2BUCuXiyY-2ButbywJPKvdo50bvHx8yaiKgkDOZSk-3DsVWh_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUTCaPXj3j65xQYRzANAUq3NzWTwAip1AC7sEv5SxYDwezXx2xzWkeT-2BJhoH8sQ80vT1a18zyQPvfiYHTaJ4A1Np7OZjcvpUtZlvlfmlQ1ovwTFs8EIum0b0G-2BStS3sHvqA9Mt2X6-2Bu2wT62roRYWtI7ILliUnL28Jszr-2BP8R73jNNB0-2BeLUCsJod79KR-2BjHzA-3D>
certificate linter under an open-source license. This new linter is
designed to support a variety of structures, including certificates, CRLs,
and the like.
- If you haven???t followed quantum computing conversations in recent
years, this explainer
<https://sg.feistyduck.com/ls/click?upn=Q40Kj0P8sXm9xp9i5YykggQw-2Bi-2BaCVl6GOiDo3dw5YXT5VV87mWdK7TTDXK1egI9TtE6_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUNqa0L6PAI0QQZIaF3ZSv4VrsnwM80cPD5h1t1Qz8Fh0LAmlJatbLJ0Ad05IcKKxIATmy8e9-2B08uL-2BI9rpXjXsqB-2FqVBu45-2BvprmIhPzVWByuCX-2B8o2L3po2i6D1qmIwsy6ctW0raPZ8Hbsi4D8nsXtYU13G9Vdi0YOmeRKIZPxmM6u0bYXoLvEoyWWaPra-2F4-3D>
from Financial Times might be of interest.
*Copyright ?? 2023 Feisty Duck Ltd*
Registered address: Unit 2.05 12 - 18 Hoxton Street, London N1 6NG, United
Kingdom
www.feistyduck.com
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2rYZat0zDhOfgIB5UquhFHe6Vw7n_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcWt5l4g03gfyFni8EAeghE9EoqImCm6F7-2Bc3fc5xtAODxdXoc6RPQBDNcvwX2poLy77hbt2b6Zx0CyVPQ9O-2FSgCLjSNWj7nhtB5qOWTYg-2FeUxE2dkEZijKXdke1uVO1qHySX33ENwEL85E84ni-2BTpcnxpgbj1zY3cSgYxba1x0BXMyvP2iQRBIv3wGW3DGxnTs-3D>
/ hello at feistyduck.com
You are receiving this email because you are subscribed to the Bulletproof
TLS Newsletter. If you'd prefer not to receive further emails, please
unsubscribe
<https://sg.feistyduck.com/ls/click?upn=QCOp8HeyjJztf4yzEvuxQN1z-2BdxT4B1JNaamEBrk2raBDFOJaEVDaQJtNcrmICd0bBLe8MX6D4-2BEDWrD0KeFpoRk3clNgjpWP-2Fj3xUzf01-2FeiGgHjtcDObGLe7eWi41lSZ41h4ozgpHHyHzputyZLg-3D-3DgCRG_CDUc43yCOSmaeTw0YRICFxjFHClooW-2FEwOkH9xdS55Xn0MlVmXtO-2FqFcLUTmfzVSsrpGPhd5ZXmpO7A7SvnDg3ycEidL6GwfQ33FIqWanQG4WBWUFKGfOFp4LqzRqqdku6YURWpsN8XbwNXM-2BE0rE6xMnj8HR79WmvBDdpHZXXONp89Q7emCBf8V7dCr8iFn-2BcOFG9yoKCp7-2FmLqJX3cpjCz6scg7HbUjiExHhhKvcUvIZtMX-2FecxkNCuPRLSG7sousnjOjOZREW3sZQ3kmx2C7-2BOpXt7giUtfEi8t5UYorVl6II-2Fu3iHNz3mSHr3Nq4HEKpoozZDjRBgrXYZoke9oyAL1jSH4nUKCrIuw3-2Fm7MXepi6OxUuGMIZ8gTPrloeApSQ5SLY0W4fzBYJQJfKFg3vDG26YO7LdonNNXEDU7g-3D>
here.
----- End forwarded message -----
More information about the Semibug
mailing list