Bram Verburg
Bram Verburg
See also https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/sensitive_data
Such as `cRLDistributionPoints`, `authorityInfoAccess` (AIA) and `certificatePolicies`...
Right now there are high-level APIs for creating extensions (Certificates, and soon CRLs and CRL entries), but when looking up extensions an `:Extension` record is returned. Complicating things, the extensions...
Create a 'testing guide' aimed at security professionals with little or no experience with the BEAM platform. The document should provide both background information, with links to relevant resources, and...
**Describe the bug** During testing of the new OCSP stapling client feature, interop issues with various servers were observed. I would be happy to create separate tickets for each, if...
See https://erlangforums.com/t/user-controlled-arguments-to-open-port-2-with-spawn-spawn-executable-is-insecure-on-windows/3476 and https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
https://tools.ietf.org/html/draft-ietf-httpbis-message-signatures-00