-
TLS 1.3 *is* the SIGMA-I instantiation, so I think we should drop this from the OPAQUE document. It's redundant, and will likely cause confusion between people who want to choose between one or the ot…
-
We might consider standardizing the mechanism by which servers prevent user enumeration attacks.
-
https://doc.libsodium.org/advanced/stream_ciphers/xchacha20
Already exists in libsodium, would be nice to not have to worry about nonces.
-
Are there any plans regarding support for https://tools.ietf.org/html/rfc8037 including the JCE?
-
see https://ietf.topicbox-scratch.com/groups/cfrg/Tc67bb161f6dfbb33/cfrg-potential-vulnerabilities-with-opaque and also section 8 of https://tools.ietf.org/html/draft-krawczyk-cfrg-opaque-06#page-22
-
**Describe the bug**
I've been trying to set up kratos `v0.4.4` with selfservice-ui-node locally in minikube. While slow, I managed to succeed with registering and verifying my identity.
However…
-
Now that [hash-to-curve v7](https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-07) has been released, it would be greatly appreciated if we can update these specs with a new version to support …
-
e.g. `https://datatracker.ietf.org/rg/cfrg/about/]` gets parsed as `https://datatracker.ietf.org/rg/cfrg/about/]` instead of `https://datatracker.ietf.org/rg/cfrg/about/`
https://www.ietf.org/rfc/r…
-
`SyncStreamCipherSeek::seek` accepts a u64 and doesn't return a result. API docs should mention that ciphers with periods shorter than 2^64 bytes (e.g. Ietf ChaCha) will panic on overflow. An alternat…
kazcw updated
4 years ago
-
以下几个密码算法标准并非 NIST 或 IETF 制定,是否考虑移除这种密码算法实现呢?
这些算法,据我的了解大部分基本就是在 NIST 或 IETF 的标准上,做了一些小修改。
同时,目前的主流的加密库也没用对这些标准给予响应(如 OpenSSL/BoringSSL)。
移除这些实现,也可以减轻代码维护的负担。
* aes-128-pmac-siv
* aes-256-…