Apple Safari URI Spoofing (CVE-2015-5764)intothesymmetry.blogspot.com1 points·by asanso·11 yıl önce·0 comments
asanso·9 yıl önce·discussI agree on all the accounts on what you said. I am probably biased by the fact I like JSON over XML. Probably JOSE just took the wrong path and could have been designed way better than it is...
asanso·9 yıl önce·discussIt seems that Matthew Green warned them about some of their choices though back in 2012!! https://www.ietf.org/mail-archive/web/jose/current/msg00366....
asanso·9 yıl önce·discussThe author of http://blog.intothesymmetry.com/2017/03/critical-vulnerabili... here FWIW. Personally I would not be so drastic. JOSE per se is not too bad (at least the idea is cool). Some crypto choices though have been really arguable...
asanso·10 yıl önce·discusshi the author of the vuln here. this is my write up http://intothesymmetry.blogspot.ch/2016/01/openssl-key-recov...
asanso·10 yıl önce·discusshi the author of the vuln here. this is my write up http://intothesymmetry.blogspot.ch/2016/01/openssl-key-recov...