On Mon, Oct 16, 2017 at 09:14:29PM +0100, Rob Stradling via dev-security-policy wrote: > On 16/10/17 20:01, Matthew Hardeman via dev-security-policy wrote: > > The authors of the paper on the weak RSA keys generated by Infineon TPMs > > and smart cards have published code in multiple languages / platforms that > > provide for an efficient test for weakness by way of the Infineon TPM bug. > > > > Perhaps this should be a category of issue identified by the crt.sh engine, > > etc? > > Hi Matt. Yeah, I'm working on adding the ROCA check to crt.sh.
Whoops, didn't see this before I submitted https://github.com/awslabs/certlint/pull/55. - Matt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
