<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (rcrowley)</title>
    <link>https://pinboard.in/u:rcrowley/public/</link>
    <description>recent bookmarks from rcrowley</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://github.com/colmmacc/nf_conntrack_tls"/>
	<rdf:li rdf:resource="https://security.googleblog.com/2017/01/the-foundation-of-more-secure-web.html?m=1"/>
	<rdf:li rdf:resource="https://github.com/letsencrypt/boulder"/>
	<rdf:li rdf:resource="https://www.imperialviolet.org/2015/10/17/boringssl.html"/>
	<rdf:li rdf:resource="https://github.com/awslabs/s2n"/>
	<rdf:li rdf:resource="http://groob.io/posts/internal_ca/"/>
	<rdf:li rdf:resource="https://www.chromium.org/Home/chromium-security/education/tls"/>
	<rdf:li rdf:resource="http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/"/>
	<rdf:li rdf:resource="https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning"/>
	<rdf:li rdf:resource="https://sethvargo.com/getting-an-a-plus-on-qualys-ssl-labs-tester/"/>
	<rdf:li rdf:resource="https://knowledge.geotrust.com/support/knowledge-base/index?page=content&amp;id=AR1421&amp;actp=RELATED_RESOURCE"/>
	<rdf:li rdf:resource="http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html"/>
	<rdf:li rdf:resource="https://www.openssl.org/about/secpolicy.html"/>
	<rdf:li rdf:resource="https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1"/>
	<rdf:li rdf:resource="http://lists.openwall.net/linux-kernel/2014/07/17/235"/>
	<rdf:li rdf:resource="https://www.imperialviolet.org/2014/06/05/earlyccs.html"/>
	<rdf:li rdf:resource="https://www.netmeister.org/blog/ssh2pkcs8.html"/>
	<rdf:li rdf:resource="http://ccsinjection.lepidum.co.jp/"/>
	<rdf:li rdf:resource="http://blog.jbrowne.com/?p=23"/>
	<rdf:li rdf:resource="http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl"/>
	<rdf:li rdf:resource="https://github.com/cchandler/certificate_authority"/>
	<rdf:li rdf:resource="https://github.com/jmhodges/libssl"/>
	<rdf:li rdf:resource="http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/"/>
	<rdf:li rdf:resource="https://www.imperialviolet.org/2012/02/05/crlsets.html"/>
	<rdf:li rdf:resource="https://github.com/jsermeno/easycert_openssl"/>
	<rdf:li rdf:resource="http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed"/>
	<rdf:li rdf:resource="http://www.seacat.mobi/blog/heartbleed"/>
	<rdf:li rdf:resource="http://article.gmane.org/gmane.os.openbsd.misc/211963"/>
	<rdf:li rdf:resource="http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db9023b881d7cd9f379b0c154650d6c108e9a3"/>
	<rdf:li rdf:resource="http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html"/>
	<rdf:li rdf:resource="http://launchpadlibrarian.net/172128742/openssl_1.0.1-4ubuntu5.11_1.0.1-4ubuntu5.12.diff.gz"/>
	<rdf:li rdf:resource="https://github.com/FiloSottile/Heartbleed"/>
	<rdf:li rdf:resource="http://www.ubuntu.com/usn/usn-2165-1/"/>
	<rdf:li rdf:resource="http://heartbleed.com/"/>
	<rdf:li rdf:resource="https://polarssl.org/"/>
	<rdf:li rdf:resource="http://www.isg.rhul.ac.uk/tls/"/>
	<rdf:li rdf:resource="https://blog.serverdensity.com/how-to-secure-your-webapp/"/>
	<rdf:li rdf:resource="https://github.com/pquerna/selene"/>
	<rdf:li rdf:resource="http://curl.haxx.se/docs/caextract.html"/>
	<rdf:li rdf:resource="https://hynek.me/articles/apple-openssl-verification-surprises/"/>
	<rdf:li rdf:resource="https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite"/>
	<rdf:li rdf:resource="https://github.com/igrigorik/istlsfastyet.com/blob/master/nginx.conf"/>
	<rdf:li rdf:resource="https://istlsfastyet.com/"/>
	<rdf:li rdf:resource="http://blog.litespeedtech.com/2013/07/03/the-openlitespeed-features-keep-coming-websocket-proxy-ocsp-stapling/"/>
	<rdf:li rdf:resource="http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin.doc%2FDOC%2FH_KEY_USAGE_EXTENSIONS_FOR_INTERNET_CERTIFICATES_1521_OVER.html"/>
	<rdf:li rdf:resource="https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy"/>
	<rdf:li rdf:resource="http://convergence.io/details.html"/>
	<rdf:li rdf:resource="http://perspectives-project.org/"/>
	<rdf:li rdf:resource="http://web.monkeysphere.info/"/>
	<rdf:li rdf:resource="http://www.openca.org/"/>
	<rdf:li rdf:resource="http://breachattack.com/"/>
	<rdf:li rdf:resource="http://www.ietf.org/rfc/rfc6125.txt"/>
	<rdf:li rdf:resource="https://www.howsmyssl.com/"/>
	<rdf:li rdf:resource="https://www.ssllabs.com/projects/best-practices/"/>
	<rdf:li rdf:resource="https://github.com/iSECPartners/sslyze"/>
	<rdf:li rdf:resource="https://www.imperialviolet.org/2013/06/27/botchingpfs.html"/>
	<rdf:li rdf:resource="http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html"/>
	<rdf:li rdf:resource="https://blog.twitter.com/2013/forward-secrecy-at-twitter-0"/>
	<rdf:li rdf:resource="http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies"/>
	<rdf:li rdf:resource="https://www.ssllabs.com/ssltest/"/>
	<rdf:li rdf:resource="http://security.stackexchange.com/questions/20803/how-does-ssl-work/20833#20833"/>
	<rdf:li rdf:resource="http://www.ietf.org/rfc/rfc2246.txt"/>
	<rdf:li rdf:resource="http://pyro.eu.org/how-to/micro/openssl-txt_db-error-number-2.txt"/>
	<rdf:li rdf:resource="http://code-bear.com/bearlog/2013/06/26/nginx-ssl-config-for-forward-secrecy/"/>
	<rdf:li rdf:resource="https://github.com/properssl"/>
	<rdf:li rdf:resource="https://github.com/properssl/nginx-pfs"/>
	<rdf:li rdf:resource="http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html"/>
	<rdf:li rdf:resource="http://baudehlo.wordpress.com/2013/06/24/setting-up-perfect-forward-secrecy-for-nginx-or-stud/"/>
	<rdf:li rdf:resource="http://openssl.6102.n7.nabble.com/Understanding-the-behvaiour-for-openssl-verify-and-crl-check-td23306.html"/>
	<rdf:li rdf:resource="http://mitmproxy.org/"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://github.com/colmmacc/nf_conntrack_tls">
    <title>colmmacc/nf_conntrack_tls: A Linux netfilter conntracking module that understands TLS records</title>
    <dc:date>2019-04-08T12:12:21+00:00</dc:date>
    <link>https://github.com/colmmacc/nf_conntrack_tls</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Nifty bit of history from the Heartbleed response - Colm's kernel module that drops SSL/TLS heartbeat records.]]></description>
<dc:subject>linux kernel iptables conntrack netfilter ssl tls crypto heartbleed</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:55f7212d0169/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:kernel"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:iptables"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:conntrack"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:netfilter"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://security.googleblog.com/2017/01/the-foundation-of-more-secure-web.html?m=1">
    <title>Google Online Security Blog: The foundation of a more secure web</title>
    <dc:date>2017-02-03T16:32:24+00:00</dc:date>
    <link>https://security.googleblog.com/2017/01/the-foundation-of-more-secure-web.html?m=1</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I wonder what it would have been like to get into the CA game years ago like we considered.]]></description>
<dc:subject>pki ssl tls crypto security trust google</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3967c5e3ad68/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:trust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/letsencrypt/boulder">
    <title>letsencrypt/boulder: An ACME-based CA, written in Go.</title>
    <dc:date>2016-09-21T15:28:29+00:00</dc:date>
    <link>https://github.com/letsencrypt/boulder</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Let's Encrypt's CA software.]]></description>
<dc:subject>golang ca ssl tls security crypto pki letsencrypt</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:2fc1075dad36/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:golang"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:letsencrypt"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.imperialviolet.org/2015/10/17/boringssl.html">
    <title>ImperialViolet - BoringSSL</title>
    <dc:date>2015-10-22T15:33:11+00:00</dc:date>
    <link>https://www.imperialviolet.org/2015/10/17/boringssl.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A nice explanation of the what, how, and why of Google's BoringSSL fork.]]></description>
<dc:subject>ssl openssl boringssl tls crypto security google agl</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4edd5d544ccb/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:boringssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:agl"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/awslabs/s2n">
    <title>awslabs/s2n</title>
    <dc:date>2015-06-30T17:44:58+00:00</dc:date>
    <link>https://github.com/awslabs/s2n</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[New TLS library.  Note that it doesn't implement RSA and the like, just TLS.]]></description>
<dc:subject>amazon aws security ssl tls crypto openssl boringssl libressl s2n</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:57c5da98e6b1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:amazon"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:boringssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:libressl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:s2n"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://groob.io/posts/internal_ca/">
    <title>Certified - an internal CA for your company · groob</title>
    <dc:date>2015-05-15T15:45:14+00:00</dc:date>
    <link>http://groob.io/posts/internal_ca/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Somebody wrote an excellent Certified walkthrough!]]></description>
<dc:subject>certified ca openssl ssl tls crypto security pki</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8321d884436f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:certified"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.chromium.org/Home/chromium-security/education/tls">
    <title>TLS / SSL - The Chromium Projects</title>
    <dc:date>2015-04-27T15:11:06+00:00</dc:date>
    <link>https://www.chromium.org/Home/chromium-security/education/tls</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Lots of TLS answers straight from the Chrome folks.]]></description>
<dc:subject>tls ssl chrome chromium security pki crypto ca</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6e2ccadfe329/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chrome"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chromium"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/">
    <title>SSL connections from within iPhone applications • Charles Web Debugging Proxy</title>
    <dc:date>2015-02-02T14:35:27+00:00</dc:date>
    <link>http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[How to setup an iPhone for Charles.]]></description>
<dc:subject>charles https ssl tls crypto proxy debugging</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8dc966bd8974/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:charles"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:proxy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:debugging"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning">
    <title>Public Key Pinning - Web security | MDN</title>
    <dc:date>2015-01-03T19:59:21+00:00</dc:date>
    <link>https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Certificate pinning for browsers!]]></description>
<dc:subject>security hpkp ssl tls</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a7062ae3ff27/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:hpkp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://sethvargo.com/getting-an-a-plus-on-qualys-ssl-labs-tester/">
    <title>Getting an A+ on Qualy's SSL Labs Tester</title>
    <dc:date>2015-01-03T19:21:03+00:00</dc:date>
    <link>https://sethvargo.com/getting-an-a-plus-on-qualys-ssl-labs-tester/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Not bad.]]></description>
<dc:subject>ssl tls openssl nginx security crypto dhe dhparam</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f758bcdc6ba1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dhe"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dhparam"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://knowledge.geotrust.com/support/knowledge-base/index?page=content&amp;id=AR1421&amp;actp=RELATED_RESOURCE">
    <title>GeoTrust - Knowledge Center - SSL Certificates Support</title>
    <dc:date>2014-12-05T17:47:22+00:00</dc:date>
    <link>https://knowledge.geotrust.com/support/knowledge-base/index?page=content&amp;id=AR1421&amp;actp=RELATED_RESOURCE</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[All of GeoTrust's intermediate certificates.]]></description>
<dc:subject>geotrust ssl tls ca pki crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:170497bad44d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:geotrust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html">
    <title>SSL Security Policy Table - Elastic Load Balancing</title>
    <dc:date>2014-10-15T01:15:41+00:00</dc:date>
    <link>http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Docs on AWS ELB SSL/TLS termination.]]></description>
<dc:subject>aws elb ssl tls security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:acc564594ed7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:aws"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:elb"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.openssl.org/about/secpolicy.html">
    <title>OpenSSL: About, Security Policy</title>
    <dc:date>2014-10-12T17:56:49+00:00</dc:date>
    <link>https://www.openssl.org/about/secpolicy.html</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>openssl ssl tls security privacy disclosure ops policy</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:2826bdef8356/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:disclosure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ops"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:policy"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1">
    <title>Why Google is Hurrying the Web to Kill SHA-1</title>
    <dc:date>2014-09-09T00:39:27+00:00</dc:date>
    <link>https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Much better article than Google's about why SHA-1 has to go now.]]></description>
<dc:subject>google security sha1 ssl tls crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8a127a71bdbc/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sha1"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://lists.openwall.net/linux-kernel/2014/07/17/235">
    <title>linux-kernel - [PATCH, RFC] random: introduce getrandom(2) system call</title>
    <dc:date>2014-07-17T20:39:17+00:00</dc:date>
    <link>http://lists.openwall.net/linux-kernel/2014/07/17/235</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[File descriptor exhaustion is not an attack I'd considered against random number generators.]]></description>
<dc:subject>rng getrandom linux unix syscall security entropy libressl ssl tls crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:5e5c422dd05f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:rng"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:getrandom"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:linux"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:unix"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:syscall"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:entropy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:libressl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.imperialviolet.org/2014/06/05/earlyccs.html">
    <title>ImperialViolet - Early ChangeCipherSpec Attack</title>
    <dc:date>2014-06-06T16:45:40+00:00</dc:date>
    <link>https://www.imperialviolet.org/2014/06/05/earlyccs.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Adam Langley's explanation of the CCS attack.]]></description>
<dc:subject>openssl ssl tls security ccs</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a9fc03d472c1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ccs"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.netmeister.org/blog/ssh2pkcs8.html">
    <title>Signs of Triviality</title>
    <dc:date>2014-06-06T16:43:29+00:00</dc:date>
    <link>https://www.netmeister.org/blog/ssh2pkcs8.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[More about the format expected in ~/.ssh/authorized_keys and how it relates to PEM.]]></description>
<dc:subject>openssl openssh ssh ssl pki crypto pem pkcs8</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4a49027e1681/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pem"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pkcs8"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://ccsinjection.lepidum.co.jp/">
    <title>OpenSSL #ccsinjection Vulnerability</title>
    <dc:date>2014-06-05T18:48:44+00:00</dc:date>
    <link>http://ccsinjection.lepidum.co.jp/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Another rather serious OpenSSL vulnerability.  The only saving grace here is that the client needs to be OpenSSL, too.]]></description>
<dc:subject>ccsinjection openssl ssl tls crypto security mitm</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b87c26790dbb/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ccsinjection"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mitm"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.jbrowne.com/?p=23">
    <title>How Amazon calculates private key fingerprints « Browne Blog</title>
    <dc:date>2014-05-13T22:32:48+00:00</dc:date>
    <link>http://blog.jbrowne.com/?p=23</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Perfect example of the bridge between OpenSSH and OpenSSL.]]></description>
<dc:subject>ssh ssl openssh openssl crypto pki</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:be1973da27ec/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl">
    <title>OpenSSH No Longer Has To Depend On OpenSSL - Slashdot</title>
    <dc:date>2014-05-06T17:45:11+00:00</dc:date>
    <link>http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Not that any distros will do this, I bet.]]></description>
<dc:subject>openssh openssl ssh ssl tls crypto security deps</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f515a43009fd/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:deps"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/cchandler/certificate_authority">
    <title>cchandler/certificate_authority</title>
    <dc:date>2014-04-23T00:24:53+00:00</dc:date>
    <link>https://github.com/cchandler/certificate_authority</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Chris Chandler's Ruby OpenSSL CA they used to use at Square.]]></description>
<dc:subject>openssl ssl tls ca crypto security ruby square</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:1ddb0474347f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ruby"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:square"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/jmhodges/libssl">
    <title>jmhodges/libssl</title>
    <dc:date>2014-04-21T19:04:04+00:00</dc:date>
    <link>https://github.com/jmhodges/libssl</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Git mirror of OpenBSD's OpenSSL cleanup.]]></description>
<dc:subject>openbsd openssl ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:3b06fe626fab/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openbsd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/">
    <title>src/lib/libssl/src/ssl/</title>
    <dc:date>2014-04-21T19:03:30+00:00</dc:date>
    <link>http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Canonical source of OpenBSD's cleanup of OpenSSL.]]></description>
<dc:subject>openbsd openssl ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:28d4294967a8/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openbsd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.imperialviolet.org/2012/02/05/crlsets.html">
    <title>ImperialViolet - Revocation checking and Chrome's CRL</title>
    <dc:date>2014-04-13T01:47:16+00:00</dc:date>
    <link>https://www.imperialviolet.org/2012/02/05/crlsets.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Chrome mostly doesn't check CRLs, anyway.]]></description>
<dc:subject>chrome google ssl tls crl ocsp security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a6f10374625e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:chrome"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ocsp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/jsermeno/easycert_openssl">
    <title>jsermeno/easycert_openssl</title>
    <dc:date>2014-04-11T19:27:24+00:00</dc:date>
    <link>https://github.com/jsermeno/easycert_openssl</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A bit of code sort of similar to but less usable than Certified.]]></description>
<dc:subject>ssl tls openssl ca pki security crypto certified sh</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d84253805e5d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:certified"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sh"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed">
    <title>Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed? | CloudFlare Blog</title>
    <dc:date>2014-04-11T17:19:45+00:00</dc:date>
    <link>http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Diogo says this confirms his findings, as well.]]></description>
<dc:subject>cloudflare heartbleed openssl ssl tls crypto security nginx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:327dc72e4ba2/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cloudflare"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.seacat.mobi/blog/heartbleed">
    <title>SeaCat | Blog</title>
    <dc:date>2014-04-09T22:21:57+00:00</dc:date>
    <link>http://www.seacat.mobi/blog/heartbleed</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Evidence that Heartbleed was exploited as early as 2014-03-23.]]></description>
<dc:subject>heartbleed openssl ssl tls crypto security exploit seacat</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:07d977872ac4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:exploit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:seacat"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://article.gmane.org/gmane.os.openbsd.misc/211963">
    <title>Re: FYA: http: heartbleed.com</title>
    <dc:date>2014-04-09T19:10:32+00:00</dc:date>
    <link>http://article.gmane.org/gmane.os.openbsd.misc/211963</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA["exploit mitigation countermeasures"]]></description>
<dc:subject>openssl ssl tls security malloc c portability</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:be2e03e89e81/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:malloc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:portability"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db9023b881d7cd9f379b0c154650d6c108e9a3">
    <title>git.openssl.org Git - openssl.git/commitdiff</title>
    <dc:date>2014-04-08T20:30:36+00:00</dc:date>
    <link>http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db9023b881d7cd9f379b0c154650d6c108e9a3</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The commit that fixes Heartbleed.]]></description>
<dc:subject>heartbleed openssl ssl tls crypto security c</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:771a1f1e7d74/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html">
    <title>existential type crisis : Diagnosis of the OpenSSL Heartbleed Bug</title>
    <dc:date>2014-04-08T20:26:07+00:00</dc:date>
    <link>http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Code walkthrough of Heartbleed.]]></description>
<dc:subject>heartbleed openssl ssl tls security crypto c</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f951a3a27d5b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://launchpadlibrarian.net/172128742/openssl_1.0.1-4ubuntu5.11_1.0.1-4ubuntu5.12.diff.gz">
    <title>openssl_1.0.1-4ubuntu5.11_1.0.1-4ubuntu5.12.diff.gz</title>
    <dc:date>2014-04-08T16:25:07+00:00</dc:date>
    <link>http://launchpadlibrarian.net/172128742/openssl_1.0.1-4ubuntu5.11_1.0.1-4ubuntu5.12.diff.gz</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[This is how they fixed their 1.0.1e for Heartbleed.]]></description>
<dc:subject>heartbleed ssl tls openssl crypto security patch ubuntu c</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:6a8a7b0ec966/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:patch"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ubuntu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/FiloSottile/Heartbleed">
    <title>FiloSottile/Heartbleed</title>
    <dc:date>2014-04-08T16:07:48+00:00</dc:date>
    <link>https://github.com/FiloSottile/Heartbleed</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The tool to use when checking for Heartbleed vulnerability.]]></description>
<dc:subject>golang heartbleed ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:37eb6e719c9a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:golang"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ubuntu.com/usn/usn-2165-1/">
    <title>USN-2165-1: OpenSSL vulnerabilities | Ubuntu</title>
    <dc:date>2014-04-08T16:05:43+00:00</dc:date>
    <link>http://www.ubuntu.com/usn/usn-2165-1/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Ubuntu's security advisory says to upgrade 12.04 LTS machines to 1.0.1-4ubuntu5.12.]]></description>
<dc:subject>openssl ssl tls crypto security heartbleed ubuntu</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:60730a6ac039/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ubuntu"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://heartbleed.com/">
    <title>Heartbleed Bug</title>
    <dc:date>2014-04-07T23:21:42+00:00</dc:date>
    <link>http://heartbleed.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Jesus fucking Christ.]]></description>
<dc:subject>openssl ssl tls security crypto heartbleed</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8076604c65c5/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:heartbleed"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://polarssl.org/">
    <title>SSL Library PolarSSL: Download for free or buy a commercial license</title>
    <dc:date>2014-04-04T22:17:05+00:00</dc:date>
    <link>https://polarssl.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Non-free SSL package purported to be easier to understand than OpenSSL.]]></description>
<dc:subject>polarssl polar ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b21be1293f7e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:polarssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:polar"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.isg.rhul.ac.uk/tls/">
    <title>On the Security of RC4 in TLS</title>
    <dc:date>2014-03-12T00:18:54+00:00</dc:date>
    <link>http://www.isg.rhul.ac.uk/tls/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[An attack on RC4.]]></description>
<dc:subject>crypto security tls ssl</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ebceae71f2c4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.serverdensity.com/how-to-secure-your-webapp/">
    <title>How to secure your webapp</title>
    <dc:date>2014-03-12T00:08:54+00:00</dc:date>
    <link>https://blog.serverdensity.com/how-to-secure-your-webapp/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Good list.]]></description>
<dc:subject>security ssl tls 2fa</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:c4c3e46aeb36/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:2fa"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/pquerna/selene">
    <title>pquerna/selene</title>
    <dc:date>2014-03-10T04:32:35+00:00</dc:date>
    <link>https://github.com/pquerna/selene</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A now-defunct attempt at a TLS library that's not OpenSSL.]]></description>
<dc:subject>ssl tls crypto security c</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:0cc504b70b99/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:c"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://curl.haxx.se/docs/caextract.html">
    <title>cURL - Extract CA Certs from Mozilla</title>
    <dc:date>2014-03-03T16:59:11+00:00</dc:date>
    <link>http://curl.haxx.se/docs/caextract.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Extractor for Mozilla's root certificates.]]></description>
<dc:subject>ssl tls ca trust pki curl crypto security mozilla</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:7f5cdc083712/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:trust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:curl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mozilla"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://hynek.me/articles/apple-openssl-verification-surprises/">
    <title>Apple OpenSSL Verification Surprises — Hynek Schlawack</title>
    <dc:date>2014-03-03T16:58:13+00:00</dc:date>
    <link>https://hynek.me/articles/apple-openssl-verification-surprises/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[OpenSSL on Apple platforms is full of surprises.]]></description>
<dc:subject>ssl tls openssl apple mac osx crypto security trust ca pki</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4fd512e9d0e0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:apple"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mac"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:osx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:trust"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite">
    <title>Security/Server Side TLS - MozillaWiki</title>
    <dc:date>2014-02-22T00:28:19+00:00</dc:date>
    <link>https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Mozilla's recommended cipher suite for browser-facing HTTPS servers.]]></description>
<dc:subject>ssl tls security cm</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:9e9e47a7d17f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:cm"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/igrigorik/istlsfastyet.com/blob/master/nginx.conf">
    <title>istlsfastyet.com/nginx.conf at master · igrigorik/istlsfastyet.com</title>
    <dc:date>2014-02-22T00:27:34+00:00</dc:date>
    <link>https://github.com/igrigorik/istlsfastyet.com/blob/master/nginx.conf</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Nginx configuration with SPDY, PFS, OCSP stapling, and session resumption.  Good practice.]]></description>
<dc:subject>nginx http https spdy ocsp ssl tls security networking</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4d965fd6cfba/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:spdy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ocsp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:networking"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://istlsfastyet.com/">
    <title>Is TLS Fast Yet?</title>
    <dc:date>2014-02-22T00:24:50+00:00</dc:date>
    <link>https://istlsfastyet.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Great survey of modern TLS resources.]]></description>
<dc:subject>security ssl tls networking</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:01db13057b33/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:networking"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blog.litespeedtech.com/2013/07/03/the-openlitespeed-features-keep-coming-websocket-proxy-ocsp-stapling/">
    <title>The OpenLiteSpeed Features Keep Coming: WebSocket Proxy + OCSP Stapling « LiteSpeed Blog</title>
    <dc:date>2014-02-10T17:00:37+00:00</dc:date>
    <link>http://blog.litespeedtech.com/2013/07/03/the-openlitespeed-features-keep-coming-websocket-proxy-ocsp-stapling/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[OCSP stapling is kind of interesting.]]></description>
<dc:subject>ocsp ssl tls crypto security perf</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:1f705e0ef5df/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ocsp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:perf"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin.doc%2FDOC%2FH_KEY_USAGE_EXTENSIONS_FOR_INTERNET_CERTIFICATES_1521_OVER.html">
    <title>IBM Lotus Domino and Notes Information Center</title>
    <dc:date>2014-02-02T16:29:40+00:00</dc:date>
    <link>http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.help.domino.admin.doc%2FDOC%2FH_KEY_USAGE_EXTENSIONS_FOR_INTERNET_CERTIFICATES_1521_OVER.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Explanation of OpenSSL keyUsage and extendedKeyUsage values.]]></description>
<dc:subject>openssl ssl tls security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ef888c12821c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy">
    <title>SSL Labs: Deploying Forward Secrecy | Security Labs | Qualys Community</title>
    <dc:date>2014-01-26T18:10:00+00:00</dc:date>
    <link>https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Good details on PFS.]]></description>
<dc:subject>apache nginx ssl tls pfs security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4bd512100850/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:apache"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://convergence.io/details.html">
    <title>Convergence | Beta</title>
    <dc:date>2014-01-26T17:48:43+00:00</dc:date>
    <link>http://convergence.io/details.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Seems like this is just changing who the CAs are but that isn't entirely fair because there's the problem of who signs the certificate and I think this is getting at a world where lots of notaries sign each certificate.]]></description>
<dc:subject>convergence security ssl tls pki ca firefox</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:a17285695db9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:convergence"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:firefox"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://perspectives-project.org/">
    <title>Perspectives Project | Connect securely to https websites – Blog and info for the Perspectives project</title>
    <dc:date>2014-01-26T17:46:11+00:00</dc:date>
    <link>http://perspectives-project.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The origin of the Convergence project.]]></description>
<dc:subject>firefox security ssl tls ca pki https</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:4676fdf9078a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:firefox"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:https"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://web.monkeysphere.info/">
    <title>The Monkeysphere Project</title>
    <dc:date>2014-01-26T17:44:18+00:00</dc:date>
    <link>http://web.monkeysphere.info/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[A (seemingly active) attempt to unify the various PKIs out there around the web of trust ideas promoted by PGP.]]></description>
<dc:subject>gpg pgp ssh ssl tls pki crypto security weboftrust</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:afbc4dfa7084/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gpg"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pgp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssh"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:weboftrust"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.openca.org/">
    <title>OpenCA Research Labs - Home Page</title>
    <dc:date>2014-01-26T17:39:32+00:00</dc:date>
    <link>http://www.openca.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Traditional tools for running a CA.]]></description>
<dc:subject>ssl tls pki ca security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b5f5f0526567/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ca"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://breachattack.com/">
    <title>BREACH ATTACK</title>
    <dc:date>2014-01-25T17:37:22+00:00</dc:date>
    <link>http://breachattack.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Details on the BREACH attack.]]></description>
<dc:subject>http ssl tls security gzip compression</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:8d7cc774ddc6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:gzip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:compression"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ietf.org/rfc/rfc6125.txt">
    <title>RFC 6125</title>
    <dc:date>2014-01-17T19:42:38+00:00</dc:date>
    <link>http://www.ietf.org/rfc/rfc6125.txt</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Newer recommendations completely against wildcards.  Probably a greedy certificate vendor behind some of this.]]></description>
<dc:subject>rfc ssl tls pki pkix x509 security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b2d190c13bc7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:rfc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pki"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pkix"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:x509"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.howsmyssl.com/">
    <title>How's My SSL?</title>
    <dc:date>2014-01-09T07:45:20+00:00</dc:date>
    <link>https://www.howsmyssl.com/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[SSL client evaluator.  I wish it had a plaintext mode but at least the HTML is pretty readable.]]></description>
<dc:subject>ssl tls security testing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d7690933875c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:testing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.ssllabs.com/projects/best-practices/">
    <title>Qualys SSL Labs - Projects / SSL/TLS Deployment Best Practices</title>
    <dc:date>2013-12-22T23:15:03+00:00</dc:date>
    <link>https://www.ssllabs.com/projects/best-practices/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Pretty simple, almost checklist-like, collection of ways to do SSL/TLS properly.]]></description>
<dc:subject>ssl tls security crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:85a997f3fc5e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/iSECPartners/sslyze">
    <title>iSECPartners/sslyze</title>
    <dc:date>2013-12-17T19:16:47+00:00</dc:date>
    <link>https://github.com/iSECPartners/sslyze</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Testing tool for common SSL misconfigurations and vulnerabilities.]]></description>
<dc:subject>ssl sslyze security tls</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:f56139817139/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:sslyze"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.imperialviolet.org/2013/06/27/botchingpfs.html">
    <title>ImperialViolet - How to botch TLS forward secrecy</title>
    <dc:date>2013-11-23T19:30:19+00:00</dc:date>
    <link>https://www.imperialviolet.org/2013/06/27/botchingpfs.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[The problem statement for Twitter's tmpfs-based session ticket key generation and distribution solution.  Pain in the ass for session resumption, which is only an optimization.]]></description>
<dc:subject>ssl tls crypto security pfs</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:220fe1a5267c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html">
    <title>Speeding up SSL: enabling session reuse | Vincent Bernat</title>
    <dc:date>2013-11-23T18:53:11+00:00</dc:date>
    <link>http://vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[How to use session tickets to make TLS handshakes one round-trip shorter.]]></description>
<dc:subject>ssl tls crypto perf</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:964fdd40babe/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:perf"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.twitter.com/2013/forward-secrecy-at-twitter-0">
    <title>Forward Secrecy at Twitter | Twitter Blogs</title>
    <dc:date>2013-11-23T18:51:28+00:00</dc:date>
    <link>https://blog.twitter.com/2013/forward-secrecy-at-twitter-0</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Details about Twitter's implementation perfect forward secrecy.  Very, very good stuff.]]></description>
<dc:subject>twitter ssl tls security privacy pfs dhe crypto</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:035856253a56/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:twitter"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:dhe"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies">
    <title>Google encrypts data amid backlash against NSA spying - Washington Post</title>
    <dc:date>2013-11-06T20:32:44+00:00</dc:date>
    <link>http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[I missed this when it came out.  Google's encrypting like Betable is, now.]]></description>
<dc:subject>google crypto ssl tls security privacy nsa</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:84338a7d7ecf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nsa"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.ssllabs.com/ssltest/">
    <title>Qualys SSL Labs - Projects / SSL Server Test</title>
    <dc:date>2013-11-06T16:06:16+00:00</dc:date>
    <link>https://www.ssllabs.com/ssltest/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Demystifies a lot of SSL/TLS features in the wild.]]></description>
<dc:subject>ssl tls security crypto test</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:7130cde88458/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:test"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://security.stackexchange.com/questions/20803/how-does-ssl-work/20833#20833">
    <title>certificates - How does SSL work? - Information Security Stack Exchange</title>
    <dc:date>2013-11-05T20:07:21+00:00</dc:date>
    <link>http://security.stackexchange.com/questions/20803/how-does-ssl-work/20833#20833</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Very thorough.]]></description>
<dc:subject>ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:ab0589a9e80a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ietf.org/rfc/rfc2246.txt">
    <title>The TLS Protocol Version 1.0</title>
    <dc:date>2013-09-23T03:20:24+00:00</dc:date>
    <link>http://www.ietf.org/rfc/rfc2246.txt</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>rfc ssl tls</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:71a253d9e11b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:rfc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://pyro.eu.org/how-to/micro/openssl-txt_db-error-number-2.txt">
    <title>TXT_DB error number 2</title>
    <dc:date>2013-08-13T22:02:29+00:00</dc:date>
    <link>http://pyro.eu.org/how-to/micro/openssl-txt_db-error-number-2.txt</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[If you ask openssl to produce the same certificate again without first revoking it will give you this spectacular error.]]></description>
<dc:subject>openssl ssl tls crypto security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d8be5bb0c2b6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://code-bear.com/bearlog/2013/06/26/nginx-ssl-config-for-forward-secrecy/">
    <title>Bear's Journal » Nginx SSL Config for Forward Secrecy</title>
    <dc:date>2013-07-08T18:32:38+00:00</dc:date>
    <link>http://code-bear.com/bearlog/2013/06/26/nginx-ssl-config-for-forward-secrecy/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Specific examples of Nginx ssl_ciphers configurations and an explanation of what they do.]]></description>
<dc:subject>crypto pfs ssl tls security nginx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:d9fc71231646/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/properssl">
    <title>properssl (Proper SSL)</title>
    <dc:date>2013-07-08T18:32:08+00:00</dc:date>
    <link>https://github.com/properssl</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Good repository of SSL/TLS resources.]]></description>
<dc:subject>crypto pfs ssl tls security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b75362b89f3b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://github.com/properssl/nginx-pfs">
    <title>properssl/nginx-pfs</title>
    <dc:date>2013-07-08T18:31:48+00:00</dc:date>
    <link>https://github.com/properssl/nginx-pfs</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Nginx configuration for perfect forward secrecy.]]></description>
<dc:subject>crypto pfs ssl tls security nginx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:b6d6c847f4b9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html">
    <title>SSL/TLS &amp; Perfect Forward Secrecy | Vincent Bernat</title>
    <dc:date>2013-07-08T18:31:10+00:00</dc:date>
    <link>http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[More on the theory of Diffie-Hellman and how it's used to provide perfect forward secrecy]]></description>
<dc:subject>crypto pfs ssl tls security diffiehellman</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:82199f440fae/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:diffiehellman"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://baudehlo.wordpress.com/2013/06/24/setting-up-perfect-forward-secrecy-for-nginx-or-stud/">
    <title>Setting up Perfect Forward Secrecy for nginx or stud | Matt's Hacking Blog</title>
    <dc:date>2013-07-08T18:30:38+00:00</dc:date>
    <link>http://baudehlo.wordpress.com/2013/06/24/setting-up-perfect-forward-secrecy-for-nginx-or-stud/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[Walkthrough of configuring and testing perfect forward secrecy in Nginx.]]></description>
<dc:subject>crypto pfs ssl tls security nginx</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:515e878ef1f0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crypto"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:pfs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:nginx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://openssl.6102.n7.nabble.com/Understanding-the-behvaiour-for-openssl-verify-and-crl-check-td23306.html">
    <title>OpenSSL - User - Understanding the behvaiour for openssl verify and -crl_check</title>
    <dc:date>2013-06-04T06:30:49+00:00</dc:date>
    <link>http://openssl.6102.n7.nabble.com/Understanding-the-behvaiour-for-openssl-verify-and-crl-check-td23306.html</link>
    <dc:creator>rcrowley</dc:creator><dc:subject>openssl ssl tls crl security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:76f27ae19224/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:openssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:crl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://mitmproxy.org/">
    <title>mitmproxy - home</title>
    <dc:date>2013-01-02T23:03:17+00:00</dc:date>
    <link>http://mitmproxy.org/</link>
    <dc:creator>rcrowley</dc:creator><description><![CDATA[HTTPS proxying.]]></description>
<dc:subject>http https proxy mitm ssl tls</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:rcrowley/b:994ed05f0783/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:http"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:https"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:proxy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:mitm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:ssl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:rcrowley/t:tls"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>