On 9/10/13 01:41 AM, Tony Arcieri wrote:
We use client certs extensively for S2S authentication where I work
(Square).
As for web browsers, client certs have a ton of problems:
I have successfully used them in a PHP website of my own design. I just
plugged away until they worked. I grant
On 2013-10-10 23:30, Adam Back wrote:Of course NIST is down due to the
USG political level stupidity (why take the extra work to switch off
the web
server on the way out I dont know).
Note that the obamacare websites are still open, and that parks that are
normally operated by private contrac
Some may remember Bleichenbacher found a random number generator bias in the
original DSA spec, that could leak the key after soem number of signatures
depending the circumstances.
Its described in this summary of DSA issues by Vaudenay "Evaluation Report
on DSA"
http://www.ipa.go.jp/security/en
http://www.nature.com/news/researchers-split-over-nsa-hacking-1.13911
Researchers split over NSA hacking
Cryptographers condemn US National Security Agency’s tapping and tampering,
but mathematicians shrug.
Ann Finkbeiner 08 October 2013
The National Security Agency is the largest employer of
On 10/09/13 16:47, stef wrote:
> On Wed, Oct 09, 2013 at 02:50:59PM +0100, Michael Rogers wrote:
>> This touches on another question I've been meaning to ask you: what
>> happens if a user creates an account from a client machine, thus
>> installing a client cert on that machine, and then wants to
On 10/09/13 16:41, stef wrote:
> i have something like this eccentric authentication implemented for some time:
> https://github.com/stef/tlsauth
> i also provided django and flask bindings for it
> https://github.com/stef/django-tlsauth
> https://github.com/stef/flask-tlsauth
>
> and i use this i
On 10/09/13 15:50, Michael Rogers wrote:
> On 09/10/13 10:56, Guido Witmond wrote:
>> You might want to take a look at my experiments. It's a user agent
>> that does all the key management for you.
>
>> It even does it with never asking anything more difficult than
>> what username you want to hav