-
I want to have a signed token with a subject claim. I can create the token perfectly well.
When I'm verifying the token, I would like to first determine the subject. After determining the subject and…
-
It would be awesome if there was a way of installing `rvm` which relied on something slightly safer than blind trust ;-)
`curl ... | bash` is a very risky thing to ask users to do:
- http://tserong…
-
As we all know, today more than ever before, it is crucial to be able to trust
our computing environments. One of the main difficulties that package
maintainers of Linux distributions face, is the d…
-
Question: Why? What do you gain from it?
Related, Schnorr BIP: https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
@jonasnick's talk: https://www.youtube.com/watch?v=XORDEX-RrAI&fe…
-
Verifying DKIM signatures against forwarded messages will fail. The forwarder (receiver of the original email) will have verified the DKIM signature and ideally re-signed the message with an ARC signa…
-
I've had a requirement to implement a custom version of `ISignatureFactory` in order to sign a CMS structure using a key stored in an HSM. Security requirements mean that I am unable to extract the pl…
-
The following page gives a list of safe curves to use with ECC:
http://safecurves.cr.yp.to/
As far as I can see, Crypto++ doesn't currently implement any of the safe curves listed on that page (e.g.…
-
Using crosstool-ng-1.22.0 to build toolset for x86_64/uclibc.
Using buildroot-2017.02 to build a Linux image.
During compilation of busybox, I get this error:
`x-tools/x86_64-unknown-linux-uclibc/l…
-
As far as I can test with https://diafygi.github.io/webcrypto-examples/, at least Firefox supports now RSA-PSS.
Hence, the note here is no longer true?
https://github.com/cisco/node-jose/blob/0d…
-
As we all know, today more than ever before, it is crucial to be able to trust
our computing environments. One of the main difficulties that package
maintainers of Linux distributions face, is the d…