 |
Post Au9JINB2SksZLjbits by [email protected] |
 |
More posts by [email protected] |
|
Post #Au908X60pbh65UqoRE by [email protected] |
|
0 likes, 2 repeats |
|
|
|
Dear #Letsencrypt, you helped secure millions and millions of servers, not just… |
|
|
|
Post #Au908XDoMbvsTgV2au by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer Oh shit, I had not yet seen this, as if getting my self-hosted mail… |
|
|
|
Post #Au908XWbEkxfPxI2sa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Just at the time where all over the world discussions are happening to move mai… |
|
|
|
Post #Au93l7Mmj6VXRfmoiW by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer I am currently supporting ISRG, because I am using Let's Encryp… |
|
|
|
Post #Au961G943TNtDJC3AO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@isotopp Problem is, they will also have to remove ClientAuth from their certif… |
|
|
|
Post #Au961GFneQlvYCLQfI by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer Them Chrome breaks. For one release, until they move back. |
|
|
|
Post #Au977B69peA5FjDglk by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer wrote:"Dear #Letsencrypt, you helped secure millions and milli… |
|
|
|
Post #Au97sfobRezG86ekm8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer sure, maybe they thin they'll need to split them but why can… |
|
|
|
Post #Au98WNhIE617WOAgC0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Sure, #LetsEncrypt, you can say that using certificate based client auth is a m… |
|
|
|
Post #Au98WNp5l6FtuZouLg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I'm a bit confused. Client certs rely on the server/issuer havi… |
|
|
|
Post #Au98WNwtI6UgIlT8VM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@larsmb @jwildeboer If you operate server A and B, both have their private key.… |
|
|
|
Post #Au98WO4KqQRsfqx56m by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@AndiBarth @larsmb @jwildeboer If you control both endpoints, why use PKI at al… |
|
|
|
Post #Au98WO7WeZ06pkRd56 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
The policy change at Google is documented here: https://googlechrome.github.io/… |
|
|
|
Post #Au98WOYT2OYGBJ394i by [email protected] |
|
0 likes, 0 repeats |
|
|
|
This means that you would have to run separate CAs/PKIs (Certificate Authority/… |
|
|
|
Post #Au9FCYFA0OWg7LVIyu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @larsmb @jwildeboer there might be Internet between those? (And… |
|
|
|
Post #Au9FCYLtbLuiSEegTo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@AndiBarth @larsmb @jwildeboer The Internet doesn't matter. For ease of se… |
|
|
|
Post #Au9FCYSHDd1Am1dmQS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall Now try to get an iPhone to accept a self-signed certificate or… |
|
|
|
Post #Au9FCYYepu7d5ocsN6 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer @AndiBarth @larsmb Okay, this seems to be a totally different use c… |
|
|
|
Post #Au9IhLaVPP0VhprdpY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Who the what now? In over 20 years of operating email servers I did… |
|
|
|
Post #Au9IhLkQoUwmCcVZIm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@phil @jwildeboer I use it for authentication purposes. |
|
|
|
Post #Au9IhLsELVBYao9nSS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@AndiBarth @jwildeboer Because it's convenient that Let's Encrypt is ve… |
|
|
|
Post #Au9IhLzftp8kxtdk3s by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@phil @jwildeboer I used to use my own CA for all mail server certificates. So … |
|
|
|
Post #Au9IhM15oYH52IIsGu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer To be fair, all my time has been on Exim, mostly on Debian. And I d… |
|
|
|
Post #Au9Iid1W4KYO4U6pOq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Wait, so you are mad that you can no longer misuse the Let's En… |
|
|
|
Post #Au9Iid7tgbeqOH5vLU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sindarina The argument goes (far) deeper as has been explained in various othe… |
|
|
|
Post #Au9IidEdHZ2sjAFIqO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Not every pushback on something you say is a 'cheap attack'… |
|
|
|
Post #Au9IidL0tq9L2xEOn2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sindarina The reasons given for this change at https://googlechrome.github.io/… |
|
|
|
Post #Au9IidTAPWfhSF2uUy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sindarina I have been following this approach (of making ClientAuth less and l… |
|
|
|
Post #Au9IidaFzALJoEMZY8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Again, nothing anywhere near what you are claiming here;https://soc… |
|
|
|
Post #Au9IidgdbRRm81LfUm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sindarina And again you are reducing all my arguments to email traffic, which … |
|
|
|
Post #Au9Ior68eXbbSbEyC8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @letsencrypt have a presence here if you want to mention them direc… |
|
|
|
Post #Au9IrQLuY5hHNYqJM0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @david_chisnall @AndiBarth Ah, oh! I wasn't aware of this iOS/A… |
|
|
|
Post #Au9IvW2XLR7cB1jQQ4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Everything that is significantly funded by #Google should be consid… |
|
|
|
Post #Au9IxqQyUUES0WGyVE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@larsmb @jwildeboer @AndiBarth Unless something has changed, iOS doesn't re… |
|
|
|
Post #Au9J4jGnWco7obnNQG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Reading the discourse thread, I think this post and the other fedi … |
|
|
|
Post #Au9J4jOx2JKUDtbt8C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sanityinc I have read that thread and no, saying that removing ClientAuth from… |
|
|
|
Post #Au9J4jW2bx06ZsvYBM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sanityinc What I certainly do agree with is that the root cause of this discus… |
|
|
|
Post #Au9J4jdq8xEsy4ZmL2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @sanityinc Using certificate issued by a global issuer like letsenc… |
|
|
|
Post #Au9J9opQHofiVDPycq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Google's investors are murderous petrostate despots. https://ww… |
|
|
|
Post #Au9JCNG9F9vjrr8YDY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Hm…https://abcnews.go.com/International/wireStory/trumps-sanction… |
|
|
|
Post #Au9JIN5imWcr5F7Tc0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@AndiBarth @jwildeboer This also assumes that the EKU is actually checked. Even… |
|
|
|
Post #Au9JINB2SksZLjbits by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@phil That's your view. Which I respect. My view is that Google is demandin… |
|
|
|
Post #Au9JJ0sIrpeyTD9KFc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall You typically provision such internal certs (regardless of it h… |
|
|
|
Post #Au9JJap1DWQHxRtD84 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer are you really using the tls client authentication in your smtp ser… |
|
|
|
Post #Au9JNKVXoYhCWEYvz6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@isotopp @jwildeboer same, I was wondering about this for a while too. |
|
|
|
Post #Au9JNKePHbmixii0nY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@gergolippai @isotopp @jwildeboer I have no time to read about BuyPass Go SSL b… |
|
|
|
Post #Au9JO5RxHike6iFEPo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@slotos I see the practical implications. Some mail servers do check for client… |
|
|
|
Post #Au9JQpqHlnDyZOw3wO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@antondollmaier @jwildeboer They'll drop the TLS client certificate complet… |
|
|
|
Post #Au9JSlp1gjWEgFGkdc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerSee alsohttps://community.letsencrypt.org/t/do-not-remove-tls-client… |
|
|
|
Post #Au9JXNE2Z5rzqMAFhA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer btw ssl.com will do the same: https://www.ssl.com/blogs/removal-of-… |
|
|
|
Post #Au9JacQkUQSxryejuS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @sanityinc You haven’t clarified anything.Authenticating against … |
|
|
|
Post #Au9JerhVen8wO7WL32 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@antondollmaier @jwildeboer only until May 2026: "May 13, 2026: the tlscli… |
|
|
|
Post #Au9JfOConvCXCUPnI8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer this makes me wonder: doesn't ACME allow to issue different cer… |
|
|
|
Post #Au9JgDz8I39Rn6PbBA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@larsmb No. Client-Auth is an attribute in the certificate using the EKU (Exten… |
|
|
|
Post #Au9JgMKhFl9bgIYvtw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@forthy42 @jwildeboer Europe's governments and large companies run entirely… |
|
|
|
Post #Au9Jgv4c5Y5LQYJ5Bw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@larsmb> Client certs rely on the server/issuer having the private key, no?N… |
|
|
|
Post #Au9JjJy2VKMNDJNR8C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I sadly think we need European LE. |
|
|
|
Post #Au9Lkc0R7dt3MEF2Ku by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@toe Right, the server validating the presented key doesn't need it - but t… |
|
|
|
Post #Au9LltYtKtO85xyAVc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@eliasp Actually yes: https://letsencrypt.org/docs/profiles/Unsure how this wil… |
|
|
|
Post #Au9LltfyuX3kRxHpYm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@BenBen With regard to client auth, it is explained on that page: "Support… |
|
|
|
Post #Au9NSUau8lGv49mqUS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @larsmb @AndiBarth Right, if the mail server is running a LE certif… |
|
|
|
Post #Au9NSUhdjiexP2wDzM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall See https://www.digicert.com/blog/how-the-clientauth-crackdown-… |
|
|
|
Post #Au9NSV7WBVMMhJ2tKC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall And yes, some smtp servers (not many) will check for ClientAuth… |
|
|
|
Post #Au9NUEnjpTi2fEccUK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@BenBen @eliasp @jwildeboer actually this is still an RFC draft and only Let… |
|
|
|
Post #Au9NXcdjecUDT1Yb3I by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Addendum: This will have impact on many solutions that use mTLS (Mutual TLS).&q… |
|
|
|
Post #Au9NXlLHIc4OSNzU24 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@marjolica @jwildeboer it's more work for little benefit. Right now they ca… |
|
|
|
Post #Au9Q4WEEiCIT30RatM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @larsmb @AndiBarth If you are connecting to another server and pres… |
|
|
|
Post #Au9Q4WKyJ9gVNtayOG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall But setting up and managing a private CA/PKI is not something w… |
|
|
|
Post #Au9Q4WQzwkVNgaPmme by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer @larsmb @AndiBarth Wait, what? No! It's trivial! It takes ab… |
|
|
|
Post #Au9Q9stVruaCnAJFK4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @AndiBarth @larsmb @jwildeboer proving that you have complete c… |
|
|
|
Post #Au9Q9t1JOuozBLxTTk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @AndiBarth @larsmb @jwildeboer PKI let's any client or serv… |
|
|
|
Post #Au9QGeJYTVNPbGiSaO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@sigmavirus24 @jwildeboer at the moment I solely use my https Apache server to … |
|
|
|
Post #Au9QfhlEnXHlWqbzqS by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Jpbrosnahan1 @AndiBarth @larsmb @jwildeboer PKI let's any client or server… |
|
|
|
Post #Au9RnMOCF083W6353g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Jpbrosnahan1 @AndiBarth @larsmb @jwildeboer So? That's a nice strawman, b… |
|
|
|
Post #Au9RnYpvxhRk7b7OxU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall FTR: You limited the setup to two servers under your control to… |
|
|
|
Post #Au9RoenpGYAGukeg76 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I don't really understand the framing that ClientAuth can only … |
|
|
|
Post #Au9SnkEhg8pjQlM7H6 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jwildeboer @Jpbrosnahan1 @AndiBarth @larsmb FTR: You limited the setup to two … |
|
|
|
Post #Au9SwVueIo1jc69mXg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @AndiBarth @larsmb @jwildeboer "Allowing machines not unde… |
|
|
|
Post #Au9SwW11v58Bvt8sUK by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Jpbrosnahan1 @AndiBarth @larsmb @jwildeboer Okay, so you now turn a simple cap… |
|
|
|
Post #Au9YW6c4LJiHLNFztY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer What's so hard for LE to duplicate their stuff so they operate … |
|
|
|
Post #Au9YW6i5yuX9e44oHw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@project1enigma They have decided to not do that. ClientAuth EKUs will be compl… |
|
|
|
Post #Au9Yaqug8rHy6EE0ie by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@marjolica @jwildeboer and that relates to my pointing out that it's not ea… |
|
|
|
Post #Au9YaspR1KHa2Xmqp6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Addendum 2: Google wants TLS certificates to ONLY have the ServerAuth EKU. Any … |
|
|
|
Post #Au9Ycy6EOVMqxzdaPg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@AndiBarth @larsmb @jwildeboer "Then you can tell server A to accept any m… |
|
|
|
Post #Au9Ye6wR0OiagAbGV6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer i don't know / don't understand, why they stop issuing this… |
|
|
|
Post #Au9YeUEIQ9fiuE8M2C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @david_chisnall @Jpbrosnahan1 @AndiBarth But setting up a "PKI… |
|
|
|
Post #Au9YeUKK3kUbCuxAQa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@larsmb Yes. That not everyone out there can run a private CA/PKI and demanding… |
|
|
|
Post #Au9YeUR3ehsdXo6XvU by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @larsmb @Jpbrosnahan1 @AndiBarth That not everyone out there can ru… |
|
|
|
Post #Au9YgQg6b1DcTE4G2a by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Jpbrosnahan1 But for email on the Internet, there are already other ("bet… |
|
|
|
Post #Au9YjniTOgISn5mbFQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer You don‘t need an MDM to do that. You can simply create a config … |
|
|
|
Post #Au9bjdR9umcMlyISum by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@IchEben @jwildeboer IMO this would be a reasonable position for LetsEncrypt, h… |
|
|
|
Post #Au9bm6kbtk5SGbZeyW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@phlash Yep. And they could allow more EKUs on the second PKI. CodeSigning, Mai… |
|
|
|
Post #Au9bpruF23EfNws8ps by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall The problem is that LetsEncrypt et all will stop issuing certs … |
|
|
|
Post #Au9cyLji6lOCAlYR84 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer, are you sure you aren't simply abusing that field?I run a mail… |
|
|
|
Post #Au9cyT6ehqu11xLMMi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @jwildeboer @larsmb @AndiBarth "I find it hard to imagine … |
|
|
|
Post #Au9ehjs5Jy9g0mg8Xo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer, unless you're talking about a case where both the sending and … |
|
|
|
Post #Au9ekasvBmzj0dQnvE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Jpbrosnahan1 @jwildeboer @larsmb @AndiBarth So does creating a security system… |
|
|
|
Post #Au9enGeoqoLf8y6szI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@rq No, I am talking about cases where my mailserver tries to send an email to … |
|
|
|
Post #Au9eoL9bcOBtNZ1P8a by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@david_chisnall @jwildeboer @larsmb @AndiBarth No, having a third-party or mult… |
|
|
|
Post #Au9yNuhrKDTYuKig64 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Legitimate question because this is news to me: Does SMTP use clien… |
|
|
|
Post #Au9yUTJ7amWJxTHAXo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer to be fair, if you don’t use browsers in M2M it will not break, a… |
|
|
|
Post #AuA1k1B2FQxND1b9ou by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Do you know if this affects LDAPS? We have a FreeIPA server that’… |
|
|
|
Post #AuA1k1JXjnlJdPZx56 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@compfu AFAICS that should continue to work with just the serverAuth EKU. |
|
|
|
Post #AuA1kHKqAkJ5K4JDKC by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Thanks you. |
|
|
|
Post #AuA1nVpwiC1bASOsZk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @phlash @IchEben There will be other „Profiles“ which will supp… |
|
|
|
Post #AuA1nVwgJ9PdVLYG4e by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lennybacon Not according to Letsencrypt: "May 13, 2026: the tlsclient ACM… |
|
|
|
Post #AuA1nW2hwkEVo2N4T2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @phlash @IchEben You are Right. They push it to a separate profile … |
|
|
|
Post #AuA1rrF54KxuiJEFbE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@eckes So I just took a note in the form of creating a website ;) https://nerdc… |
|
|
|
Post #AuA3CJiwz4JqnIWHse by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer @phlash @IchEben There is http://www.cacert.org but they never atte… |
|
|
|
Post #AuBEGUNmah1JfBlq3U by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboerThe architecture isn't very decentralized if you're relying … |
|
|
|
Post #AuBEYW0NIUaluLPvmq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@lennybacon Yep, I know them since many, many years! I never managed to really … |
|
|
|
Post #AuBEirPMZmS3BT2REG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@argv_minus_one @jwildeboer @sindarina Well the best we got. Web of Trust doesn… |
|
|
|
Post #AuBEjqQtggvKRtE1aa by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@argv_minus_one The original idea of client side certificates was the server/se… |
|
|
|
Post #AuBEjqWZLbScjTsYQi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer For that to work, a website would need to be able to add a certific… |
|
|
|
Post #AuBEjqbt1piKzyMnia by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@argv_minus_one Yep. The <keygen> was the basis. And it wasn't remove… |
|
|
|
Post #AuBEjqhCi3y3GSr30S by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer I should point out that it is entirely possible for your webapp to … |
|
|
|
Post #AuBEjqnaKL4VaFq8x6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@argv_minus_one Yep. And we have tons of (proprietary) libraries to emulate wha… |
|
|
|
Post #AuBF0ORP0uxWYZLuoy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer Why would you want private systems to trust client certificates iss… |
|
|
|
Post #AuBF0OX4fpUoqA0Rf6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@argv_minus_one @jwildeboer Well for Server2Server communication that ensures t… |
|
|
|
Post #AuBG15o9sNkV0ktTRQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jwildeboer used to be cacert assurer, but it feels like it’s fallen behind�… |
