-
When `MBEDTLS_HAVE_TIME_DATE` is disabled, in Mbed TLS up to 3.x, X.509 silently skip expiration verification. This is an insecure default. Consider changing to always flag expiry, and allow a runtime…
-
## Issue description
Currently the session cookie created by devise seems to be re-usable indefinitely.
It looks like a security issue, as if for any reason a user has his session cookie leaked, t…
-
### **Is your feature request related to a problem? Please describe.**
The handling of the receipt of material(s) in ERPNext is too basic and doesn't allow for traceability of externally purchase…
-
I don't know if this is expected behaviour, but it seems wrong.
If you authenticate a user using this library, the user will retain a logged in session indefinitely (depending on your django sessio…
-
These are the entrypoints
`vouch(bytes32 projectApprovalAttestation, bytes32 identityAttestation)`
`vouch(bytes32 projectApprovalAttestation)`
In any given vouch , there are 4 possible scenarios:
- …
-
**Describe the bug**
If you look at the certificate expiration date on the Let's Encrypt SSL Certificate in the browser and then compare that the certificate expiration date in the Admin > SSL sectio…
-
We are using your NFC library for Turkey's identity verification, retrieving information such as the photo, date of birth, and expiry date. However, the NFC reading process is a bit slow. Do you have …
-
What would you like Teleport to do?
Option to customize the timelines of role expiry irrespective of maximum session TTL, currently teleport has only request expiry for request to be expired in case …
-
### What would you like to be added?
During a community meeting, we agreed to add more docs for the current supported scenarios around Cert revocation/rotation/expiry.
### Anything else you would li…
-
Currently, registering to a circle requires four values:
- circle name
- username
- invite token (hash of username + CA private key)
- URL to public CA cert
We could simplify this by creating a…