-
Hello,
I'd like to suggest the removal of `ring` as a dependency all-together. That also includes rustls and webpki. (rustls is used by the websocket transport)
Why:
- Because I don't see a point…
-
A question for Automerge users, especially those building data sync layers (@HerbCaudill, @pvh). In the context of developing the [Rust implementation](https://github.com/automerge/automerge-rs), @ale…
-
The current signature algorithm method identifiers won't help many developers choose the right one.
https://www.ietf.org/archive/id/draft-ietf-httpbis-message-signatures-04.html#name-signature-alg…
-
This is a minor issue with an easy workaround, but I thought I'd report it.
The Javadoc for `javax.crypto.Cipher.update` (https://docs.oracle.com/en/java/javase/11/docs/api/java.base/javax/crypto/…
-
We received the report below about an attacker that can create many invalid signatures on a metadata file, delaying the moment when the client will determine the signature is not valid. This delay ma…
-
Right now the methods of Mac trait which returns Output where Self doesnt have Sized trait in it, for getting polymorphism around Mac trait. I am requesting this for this [deno issue](https://github.c…
-
(This is required for **silver** status under CII.)
The project MUST support storing authentication credentials (such as passwords and dynamic tokens) and private cryptographic keys in files that a…
-
@AxelNennker moved from CCG (https://github.com/w3c-ccg/did-spec/issues/38)
-
Currently a DID document supports expressing cryptographic material and how that cryptographic material is authorized such as to validate assertions or authenticate as acting on behalf of the DID subj…
-
Could we unpack the decision to use Fernet as the basis for `cryptography`'s symmetric encryption recipe? I learned about Fernet from `cryptography`. I expected to find that it is a well-vetted standa…