Follow

Ideal universe of online infosec discourse: any company even slightly violating CAB guidelines should be shot out of a cannon into the sun.

Real world: fortune 500 companies are bemused to learn that any of their customers have SSL certificate chain verification turned on; routinely have certificates expired for days on end and tell people to just disable expiration checking

Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!