-
Today, @rpappalax came to me with an interesting case: he has some big changes to make on the [focus-android](https://github.com/mozilla-mobile/focus-android/) taskgraph and he's willing to use a gith…
-
> The first source of pain comes from the existing websites which use the distrusted CA and now need to migrate to a new CA and renew their certificates. This typically requires a few months of notice…
-
We can use bitcoin keys for signing messages https://doc.satoshilabs.com/trezor-user/messages.html#signing-messages
We can also use bitcoin transactions to build trusted chain for master keys/departm…
-
**Github username:** @0xmahdirostami
**Twitter username:** 0xmahdirostami
**Submission hash (on-chain):** 0x9e801d61d9f96e01afc25f9e387915ae16a066e5586556b8994786a33174ec4b
**Severity:** low
**Descr…
-
proper line wrapping, see https://github.com/drwetter/testssl.sh/pull/2564#issuecomment-2354649002
-
Hi! I'm currently looking into the chain of trust for release artifacts of openssl on Arch Linux.
I noticed, that there is no chain of trust between (some of) the keys used for releases and that inst…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0xdc1041f4ca92cb170b5d63c6a73346ea7b6fd114d22adda1c64e0544b3dd40f0
**Severity:** high
**Description:**
### Descriptio…
-
[Merkle Tree Certificates](https://datatracker.ietf.org/doc/html/draft-davidben-tls-merkle-tree-certs-03) require the `trust_anchors` extension defined in this repository, as well as the `server_certi…
-
**Description**
The `TrustedMaterial` interface currently includes these methods:
```go
type TrustedMaterial interface {
TimestampingAuthorities() []CertificateAuthority
FulcioCertificateAuthoriti…
-
I believe that what I have in there as "NestedEvidences" is identical in spirit to EAT submods, so we just need to flesh out the submods claim and remove NestedEvidences.