Announcement

Collapse
No announcement yet.

Dark Tangents

Collapse
  • Filter
  • Time
  • Show
Clear All
new posts
There are no conversations in this channel.
Show More
  • Filter
  • Time
  • Show
  • Subscribed
Clear All
new posts
Please log in to your account to view your subscribed posts.
  • Filter
  • Time
  • Show
Clear All
new posts
Topics Statistics Last Post
Started by Dark Tangent, 08-23-2015, 12:18 AM
0 responses
187 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 03-02-2015, 02:48 AM
5 responses
975 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 02-12-2015, 07:30 AM
0 responses
298 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 01-22-2014, 09:40 PM
2 responses
2,652 views
0 likes
Last Post skiboy
by skiboy
 
Started by Dark Tangent, 12-07-2010, 06:38 AM
9 responses
14,516 views
0 likes
Last Post TheCotMan  
Started by Dark Tangent, 06-18-2010, 08:12 PM
2 responses
4,129 views
0 likes
Last Post Vian_Lif  
Started by Dark Tangent, 03-23-2010, 04:30 PM
0 responses
2,612 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 01-13-2010, 11:21 AM
0 responses
3,308 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 07-28-2009, 05:29 PM
0 responses
3,943 views
0 likes
Last Post Dark Tangent  
Started by Dark Tangent, 05-28-2009, 03:15 PM
1 response
5,332 views
0 likes
Last Post LosT
by LosT
 
No topics found.

Blog Summary

Collapse

Dark Tangents

Container Module

Collapse

Latest Comments

Collapse

  • Dark Tangent
    DEF CON p2p configuration and policies - part 2-2
    Dark Tangent
    DEF CON p2p configuration and policies - part 2-2
    Version 1.0 8/21/2015


    eMule / eD2K / KAD configurations and strategy

    This post is a long time coming after part 1-2 focusing on bittorrent. That's because there are both less options and less things to tweak, but for completeness...
    08-23-2015, 12:18 AM
  • Dark Tangent
    Reply to Forum Security Upgrades - Round One
    Dark Tangent
    OK, EiNSTeiN_ you got me motivated to sort out the HPKP issues, which got me interested in creating two backup pins, which made me update our EV certificate. When the 4096 bit root CA is available from DigiCert I'll get it reissued so our certificate will be 4096 from the ground up.

    I just...
    03-03-2015, 04:46 AM
  • Dark Tangent
    Reply to Forum Security Upgrades - Round One
    Dark Tangent
    Good points EiNSTeiN_,

    On the HPKP issue, I agree about the backup pin, but if you validate at https://www.ssllabs.com/ we seem to pass. I only have about 80 days left on the current EV certificate, so once it gets closer to expiring I'll have to regenerate the pin anyway. When that happens...
    03-03-2015, 01:12 AM
  • EiNSTeiN_
    Reply to Forum Security Upgrades - Round One
    EiNSTeiN_
    Great initiative!

    The pkp header seems invalid, as per the spec you should have a "backup pin" defined, i.e. a pin that is not being used. Your pkp header has only one pin, which should cause browsers to ignore the header: https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21#section-4.3...
    03-02-2015, 03:08 PM
  • JWSmythe
    Reply to Forum Security Upgrades - Round One
    JWSmythe
    We've been starting to do this too. I've been trying, but I'm probably making simple mistakes somewhere. Well, simple once I figure them out. :)

    I think this is the first site that I've seen green with the TLS Validator plugin for Firefox.
    03-02-2015, 01:36 PM
  • REAL
    Reply to Forum Security Upgrades - Round One
    REAL
    Awesome! Very informative, thank you!
    03-02-2015, 08:39 AM
Working...
X