Hμblog for 2023-11

Towards Greater Accountability: A Proposal for CA Issuance Decision LogsExploring the Potential of Domain Control Notaries for MPDV in WebPKI

Interesting articles by Ryan Hurst about possible improvements to WebPKI security via more certificate transparency (CT)-like technologies. There's also my own writings on CT.

Stop deploying web application firewalls

Excellent writeup by Mac Chaffee about how web application firewalls are universally a terrible idea. I've been meaning to write an article on this subject for some time, but this is a good overview of many issues with them.