I was a researcher, I believed that we were independent, un-biased, the true source of knowledge (and I still do). What I didn’t appreciate at the time was that researchers were terrible in defining borders of their expertise and saying “I don’t know”.
Continue reading Do Not Trust Experts – from Brexit to Internet
We introduce an integration plugin for Let’s Encrypt. It provides integration for a variety of mechanisms that enable and simplify verification of domain control and certificate installation. We already tested it with Dehydrated (former letsencrypt.py) . It supports all existing verification methods: DNS, HTTP and TLS-SNI, in their current versions “01”.
Continue reading How Certbot and Letsencrypt Work (DNS and SNI-TLS automation)
We have extended the original research and can now use information from public keys (HTTPS, TLS, SSH, SSL) to audit cyber security management and compliance with internal standards.
Continue reading Your HTTPS Certificate Shows Where Its Key Comes From