Menu

Tag: tls

My1's Crazy Tech Ideas #02: TLSA-Staple

So there is already stapling options for OCSP Responses and Certificate Transparency data (although I expect CT to be embedded in most certs by now rather than being stapled to the TLS response), so couldnt it be possible to also staple the entire TLSA path to a TLS response in order to maybe get an alternative to the absolutely crazy CA System?

My1's Crazy Tech Ideas #01: Integrity header for proxies

Hi everyone, it's me again (not as if there would be many other options) I rather often have some pretty crazy Ideas and I kinda want to preserve them and also hear what the people think about them and maybe someone picks them up if they are good. so let's start with the first Idea of my set. Many people probably have heard of middleboxes or company-proxies and other similar things which attempt to "legitimately" play a Man in the ...