Is there a list of known deprecated/unsafe certificate authorities?

Is there a list of known deprecated/unsafe certificate authorities (CAs)?

For example:

TurkTrust
DigiNotar

Are there other “trusted” CAs that should not be or are not trusted (by browsers anymore) and why? Or better is t…

Which Extensible Provisioning Protocol (EPP) status-values provide sufficient protection against domain hijacking?

The Extensible Provisioning Protocol (EPP), as described in RFC 5730, can possibly be protective against domain hijacking. The protocol consists of the following 17 status-values as described in RFC 5731:

clientDeleteProhibit…

What is worse for password strength, a poor password policy or no password policy at all?

Recently I saw the following screenshot on Twitter, describing an obviously terrible password policy:

I wonder what is worse for the password strength. Having no password policy at all or a poor password policy (like descri…

Is the injection in a NoSQL database architecture also called SQL injection?

Is the injection in a NoSQL database architecture also called SQL injection and is it still part of the OWASP 2013 Top 10, category A1 Injection?

For example, an injection in code that communicates with the following databas…
