-
A common pattern to build a locally trusted CA with cert-manager is to create a self-signed issuer, use it to issue a CA certificate, then use that certificate with a ca issuer to issue leaf certifica…
-
In order for services to use mTLS across clusters, Citadel instances in each cluster need to be configured to sign with keys in a common trust domain. [The set up required today is rather involved.](h…
-
### Bug Description
The [Multi-Primary on different networks](https://istio.io/latest/docs/setup/install/multicluster/multi-primary_multi-network/) multicluster example works exactly as expected if…
-
At this moment, Intermediate certificates are not trusted by default when root is trusted.
For example site `vps.tomasek.cz` has certificate issued by Let's Encrypt. I manually uploaded **ISRG Root…
semik updated
4 months ago
-
As requested, I'm posting an async update for the TAC for the Sigstore project.
Our second [SigstoreCon: Supply Chain Day](https://events.linuxfoundation.org/sigstorecon-supply-chain-day/) conferen…
-
**Description of issue or feature request**:
Context:
* In order to comply with the detailed client workflow a TUF client must ship a bootstrap trusted root metadata file out-of band (i.e. with th…
-
>As an author of the Trust Expressions draft [wrote](https://mailarchive.ietf.org/arch/msg/tls/kBUBdLGEo-b5ywGoYFoJhoyW7KY/):
>>One of the (unstated, and perhaps we should state it clearer) goals o…
-
**Describe the bug**
```
Invalid proof data: Length not divisible by 32
```
**Expected behavior**
no error
**Steps to Reproduce**
1. https://lodestar-lightclient.chainsafe.io/
2. F…
-
There is an additional `nimbus_light_client` binary available in `nimbus-eth2` `unstable` (and, eventually, also on the other branches). It would be interesting to have a few instances of these in the…
-
### **Description**
At least on android, the metamask browser does not trust ssl (root) certs that were manually installed by the user into their device's trust store. This behavior is different fr…