-
**Description**
Originally discussed here: https://github.com/sigstore/sigstore-go/pull/253#issuecomment-2362927648
The original implementation was made against the operational mode of PGI using eph…
-
### What would you like to be added?
[In 24.2, Redpanda will support Certificate Revocation Lists (CRLs)](https://github.com/redpanda-data/documentation-private/issues/2580) for TLS-encrypted conne…
-
There is a neat `is_expired` property in the PGPKey class. We should also have a `is_revoked` property to easily check if a key is revoked. That property should:
* look for revocation signatures o…
-
**Github username:** @0xmahdirostami
**Twitter username:** 0xmahdirostami
**Submission hash (on-chain):** 0x8d23215454d9871dc9515a5530a4c67ebeaa618b59f9802de061fca466b5ca9c
**Severity:** high
**Desc…
-
We are introducing first-class support for HTTPS certificates on the SecureDrop .onions in the 0.4 release (#1928, #1934). @fowlslegs brought up potential privacy concerns due to OCSP revocation check…
-
### Preflight checklist
- [X] I could not find a solution in the existing issues, docs, nor discussions.
- [X] I agree to follow this project's [Code of Conduct](https://github.com/ory/fosite/blob…
-
It is currently not possible to add CRLs (certificate revocation lists) to a server. The problem here is that Qt doesn't allow adding a crl to a `QSslConfiguration` or `QSslSocket`.
CRLs seem to b…
-
### What is the areas you experience the issue in?
Notation CLI
### What is not working as expected?
Missing E2E test cases for validating certificate revocation with OCSP. The testing is extremely…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0xa5021391d99bb288413a4d15ffee62e68efe431c4d7b328ac21bdd3277ed4b00
**Severity:** medium
**Description:**
## Summary
…
-
Having a revokedAt field would allows to cheaply invalidate existing JWT tokens.
### Steps to reproduce
1. Have your session cookies compromised, Like LTT recently did
2. Change your password
…