-
Hi there,
It looks like the self-signed cert used on api.keybase.io is blocked by some firewalls. This apprears to be a consequence of the firewall's inability to fully validate the certificate cha…
-
Per the Go 1.18 release notes: "crypto/x509 will now reject certificates signed with the SHA-1 hash function. This doesn't apply to self-signed root certificates. Practical attacks against SHA-1 [have…
-
In https://github.com/rustls/webpki/pull/66 we've staged support for using Certificate Revocation Lists (CRLs) to make revocation decisions during path building.
The code in that branch performs CR…
-
I know I can add the Root CA Certificate in the MeshCommander certificate manager and configure it as a trusted certificate to prevent the certificate warning during the connection. But it would be gr…
-
This I don't have a proposal on other than what I did for https://github.com/hashbang/git-signatures which is a .gitsigners file that declares all the trusted keys for that repo that a tool can valida…
-
We should try to use the usage of internal private key used by Ledger to attest the device .
So the origin signature and by extension the public key will be certified to ensure some level of confide…
-
I think it would be valuable to support SRI for service worker JS files.
Reasoning: There's a lot of controversy about web-based crypto applications. Namely, that they're never truly secure because…
-
In #2193 the client example gains Trust-On-First-Use (TOFU) functionality and support for arbitrary repositories. This is very useful for testing but has two issues:
* we should also be an example o…
-
### Operating system
Windows
### Name of the script
1. Disable SmartScreen in Microsoft Edge.
2. Disable SmartScreen PUA protection in Microsoft Edge.
3. Lower priority for antimalware serv…
-
### New Issue Checklist
- [x] Updated fastlane to the latest version
- [x] I read the [Contribution Guidelines](https://github.com/fastlane/fastlane/blob/master/CONTRIBUTING.md)
- [x] I read [doc…