Explore >> Select a destination
|
You are here 
|
paul.fawkesley.com | ||
| | | | |
lwn.net
|
|
| | | | | [AI summary] The discussion revolves around the limitations and vulnerabilities of the Web of Trust (WoT) in OpenPGP systems. Key points include: 1) The WoT is inherently broken due to scalability issues and lack of user-friendliness, as noted by Werner Koch. 2) There is a proposal to require signers to prove ownership of the private key before uploading signatures to keyservers, which could reduce spam and invalid signatures. 3) The process of distributing third-party certifications is complex and requires better tooling and user experience design. 4) Concerns about security vulnerabilities in OpenPGP, such as NULL pointer dereferences and potential for exploitation, are raised. 5) Alternatives like Trust On First Use (TOFU) are suggested, but the community... | |
| | | | |
kota.nz
|
|
| | | | | ||
| | | | |
www.mailpile.is
|
|
| | | | | ||
| | | | |
blog.trailofbits.com
|
|
| | | By Tjaden Hess Earlier this week, NIST officially announced three standards specifying FIPS-approved algorithms for post-quantum cryptography. The Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) is one of these standardized algorithms. The Trail of Bits cryptography team has been anticipating this announcement, and we are excited to share an announcement of our own: we built an... | ||
