The online whiteboard of Kristofer Palmvik

2 links collected from scotthelme.co.uk between 2016 and 2022

2016

2016-09-01 scotthelme.co.uk
Using security features to do bad things
Looking at the benefits of CSP like XSS and mixed-content mitigation, enforcing HTTPS with HSTS and reducing the risk of rogue certificate issuance with HPKP, we’re definitely better off with these things than we are without them.

» More links from 2016

↑ Back to top

2022

2022-02-19 scotthelme.co.uk
If it looks like a duck, swims like a duck, and QWACs like a duck, then it's probably an EV Certificate
Given everything I’ve looked at and all of the research I’ve been doing on QWACs, I still can’t get away from viewing them as nothing more than a glorified EV certificate.

» More links from 2022

↑ Back to top