Franz-Stefan Preiss

@briansmith, we would like to use `rustls` in our project but the requirement that the dependent `webpki` requires v3 certificates to have extensions is a blocker. We tested our implementation...

> Would you therefore be OK with merging #241? @briansmith, did you already have time to look at this? Support for certificates without extensions is very important for our project....

Hi @jregistr! I'm running into the exact same problem. Did you maybe find a solution in the meanwhile?

Thanks, @jregistr! Because the Rust source code that I wanted to integrate resides in a different repository, I ended up using [@rollup/plugin-wasm](https://www.npmjs.com/package/@rollup/plugin-wasm). I followed the guidelines in the section _Using...

@blind-oracle, if your certificate is v3, then you could use the [rustls/webpki fork](https://github.com/rustls/webpki), where this is [now supported](https://github.com/rustls/webpki/pull/34).

@tokuryoo, a canister can only get vetKeys for _itself_ form the system API, that is, vetKeys are domain-separated by the canister that calls the system API. This means that derivation_ids...

> I believe that a malicious canister B could get the encrypted_ibe_decryption_key of canister A. Am I mistaken? @tokuryoo, this is not possible. Even if canisters A and B use...

> In vetKD, is it possible for one ciphertext to be decrypted by more than one person? (For example, multiple people sharing a file) @tokuryoo, yes, that's definitely possible. Because...

@tokuryoo, the slide 8 you are referring to (and also slide 7) is merely explaining the _concept_ of an [identity-based encryption (IBE) scheme](https://en.wikipedia.org/wiki/Identity-based_encryption), which typically relies on a central authority...

The tSchnorr Ed25519 key derivation scheme is not directly included in the interface spec PR (see https://github.com/dfinity/interface-spec/pull/288). With this, I'm closing this PR.