Roland Bracewell Shoemaker
Roland Bracewell Shoemaker
Implementation before standardization, it's a thing we should probably do. For LE would this require a CP/CPS update before it could be deployed?
I'm looking into why we are getting linear growth of sequencer latency without any changes in the number of leaves being sequenced. It looks like the only part of the...
If `trillian_log_signer` is unhealthy (i.e. it is unable to connect to the configured MySQL node) it will still attempt to become the sequencer master via `etcd`. In this case it...
Similar to #1799 this would be quite useful. AWS KMS has recently added support for asymmetric key operations, see API docs here: https://docs.aws.amazon.com/kms/latest/developerguide/overview.html. There is definite interest in this from...
This was introduced to allow us to keep operating when a log serves cached STHs that are smaller than the one we most recently saw (i.e. when they are serving...
Generating RFC 5280 conformant serial numbers is slightly treacherous. Section 4.1.2.2 dictates that conforming implementations "MUST NOT use serialNumber values longer than 20 octets". A seemingly obvious way to pick...
Currently we only support testing changes to the main repo, we should also support testing x/ repos, if possible.
As evidenced by #52094 and #51599, there are issues with relying on third-party services for testing the platform verifier implementations. Ideally we'd run these tests entirely locally, but this requires...
@rolandshoemaker requested issue https://github.com/golang/go/issues/56891 to be considered for backport to the next 1.19 minor release. > @gopherbot please open backport issues. This issue makes macOS behave differently from every other...
The implementations of PrivateKey.Equal in the crypto/ed25519, crypto/ecdsa, and crypto/rsa packages leak timing information during key comparison. We do not consider this a serious security issue, as attacker controlled private...