@andrei_chiffa @dangoodin The QR asymmetric handshake protects against passive attackers decrypting sniffed traffic, but not against active attackers presenting a forged certificate in a man-in-the-middle attack. Merkle Tree Certificates protect against the latter threat.
agwa@follow.agwa.name
@agwa@follow.agwa.name
Posts
-
Google has devised a means for securing HTTPS certificates against quantum computing attacks without massive performance hits stemming from the considerably longer size of data required to be included. -
Google has devised a means for securing HTTPS certificates against quantum computing attacks without massive performance hits stemming from the considerably longer size of data required to be included.@dangoodin Yes, closely. There's a lot of momentum and Mozilla and Apple are interested as well. -
New blog post: Why IP Address Certificates Are Dangerous and Usually Unnecessary https://www.agwa.name/blog/post/ip_address_certsNew blog post: Why IP Address Certificates Are Dangerous and Usually Unnecessary https://www.agwa.name/blog/post/ip_address_certs