-
Ignoring CRLs for right now. Currently [`VerifySignatureWithCertificate`](https://github.com/boxboat/in-toto-golang/blob/857f4337701ef36f080cbf71bdc3d5fa5df779f7/in_toto/model.go#L844) calls `*Certif…
-
windows codesigning (both native and with osslsigncode) is possible, this should be documented.
klali updated
2 years ago
-
Hello ,
I am trying to build a TimeStampRequest to Digicert TSA server
I am following https://www.ietf.org/rfc/rfc3161.txt
```
TimeStampReq ::= SEQUENCE {
version …
-
`check_purpose_timestamp_sign` funcion on `crypto/x509/v3_purp.c` is currently very restrictively checking keyUsage and extendedKeyUsage, accepting only certificates with exactly
extendedKeyUsage = X…
-
**Description**
We are working on adding support to cosign for trusted roots (#3700) and the protobuf bundle format (#3139).
For folks who have previously signed disparate content, it could be helpf…
-
Currently, Hereditas has a dependency on Auth0. While this should not pose a security risk (Auth0 stores the *application token* but never sees the *user passphrase*, so even if an attacker managed to…
-
> **472c568** created the issue
## Phase A
1. If a user clicks on the "i" button as per the attached, mock-up screenshot, a pop-up will open and show as ASCII Text
a. origin URI, protocol, SHA256,…
-
I'm trying to write an SoK paper about e-voting, and it seems Estonia deserves one alone.
1-Have you read this paper that I think proves the system needs to be fixed
https://www.researchgate.net/…
-
Users can take a watermarked capture or recording of their phone screen.
U039b updated
3 weeks ago
-
**Summary**
Creating Windows builds is taking way too much time because there is a 15 seconds sleep delay each time a file needs to be signed.
This is due to the fact the public timestamp server…