Cloudflare considered harmful| www.devever.net
Mitigating the Hetzner/Linode XMPP.ru MitM interception incident, part 2: XMPP-specific mitigations| www.devever.net
TL;DR: we have discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) service’s servers on Hetzner and Linode hosting providers in Germany.| notes.valdikss.org.ru
Hobbyist| sslmate.com
Alice: I'd sure like to talk to Bob sometime. If only there were some kind of communications| www.devever.net
The Certification Authority Authorization (CAA) DNS record allows a domain to communicate an issuance policy to Certification Authorities (CAs) but only allows a domain to define a policy with CA-level granularity. However, the CAA specification (RFC 8659) also provides facilities for an extension to admit a more granular, CA-specific policy. This specification defines two such parameters: one allowing specific accounts of a CA to be identified by URIs and one allowing specific methods of dom...| www.rfc-editor.org
Let's Encrypt now supports ACME-CAA: closing the DV loophole| www.devever.net