-
The length limit of VARCHAR in some RDBs is the number of UTF-32 code points.
maxLength counts an emoji and some kanji as two.
Password requirements by NIST:
https://pages.nist.gov/800-63-3/sp8…
-
# 💡 Summary #
Update the `cyhy-nvdsync` script to use the [NIST NVD API 2.0](https://nvd.nist.gov/general/news/api-20-announcements).
## Motivation and context ##
Currently we rely on the [NI…
-
This looks like an interesting project, though I see you're using the NIST curves. Perhaps you don't know the [history](https://en.wikipedia.org/wiki/Elliptic-curve_cryptography#History)?
[Should …
-
during the specification meeting, when reviewing the Terms and Definitions, it was called out that the usage of "provenance" is very specific to NIST and differs from the SLSA,etc definition. while th…
-
# Problem
Currently there's no formalized way to store exploit artifacts in a consistent way, and has been handled by either just printing extracted data into `Success` log level or by manually wri…
-
From OSCAL source, a pretty "official" rendering should look (something) like the official published PDF, when a parameter is referenced outside the control where it is defined (as happens here in **S…
-
Profile parser Should coerce NIST tags to a list, otherwise calling forEach on nist tags is unpredictable, and may not work
-
Thanks for your work on tkey.
It would be nice to see a version of signer that supports old-school algos such as RSA and the NIST p-curves.
I know Ed2559 is awesome and all that, but unfortunate…
-
There are a couple of identifiers for software that would be nice to include in SBOM output somehow. This will help security teams link installed software to vulnerabilities that have been discovered…
-
### Proposal Details
_Note: not a formal proposal since this is internal work without new exposed APIs or observable behaviour. It's primarily surfacing FIPS work for tracking purposes._
## Backgr…