Matt M
@mattm.bsky.social
I spent a bit of time poking around the Firefox codebase and filed a bug with the findings: bugzilla.mozilla.org/show_bug.cgi...
Those entries are a combination of both Kamu SM as well as roots which have been locally added to Firefox's trust store
Those entries are a combination of both Kamu SM as well as roots which have been locally added to Firefox's trust store
1972339 - cert.validation_success_by_ca bin collision between CAs and unknown entries in RootCertificateTelemetryUtils.h
NEW (nobody) in Core - Security: PSM. Last updated 2025-06-16.
bugzilla.mozilla.org
June 16, 2025 at 3:01 PM
I spent a bit of time poking around the Firefox codebase and filed a bug with the findings: bugzilla.mozilla.org/show_bug.cgi...
Those entries are a combination of both Kamu SM as well as roots which have been locally added to Firefox's trust store
Those entries are a combination of both Kamu SM as well as roots which have been locally added to Firefox's trust store
I think it’s a data error, possibly on Mozilla’s part - I found a comment suggesting bins 0 and 1 are reserved, but recently they put Kamu SM into bin 1. Maybe I’ll just exclude those suspicious bins.
June 14, 2025 at 7:19 PM
I think it’s a data error, possibly on Mozilla’s part - I found a comment suggesting bins 0 and 1 are reserved, but recently they put Kamu SM into bin 1. Maybe I’ll just exclude those suspicious bins.
The key line here is:
> ... certificates issued on or after June 15, 2026 MUST include the extendedKeyUsage extension and only assert an extendedKeyUsage purpose of id-kp-serverAuth.
> ... certificates issued on or after June 15, 2026 MUST include the extendedKeyUsage extension and only assert an extendedKeyUsage purpose of id-kp-serverAuth.
February 14, 2025 at 10:12 PM
The key line here is:
> ... certificates issued on or after June 15, 2026 MUST include the extendedKeyUsage extension and only assert an extendedKeyUsage purpose of id-kp-serverAuth.
> ... certificates issued on or after June 15, 2026 MUST include the extendedKeyUsage extension and only assert an extendedKeyUsage purpose of id-kp-serverAuth.
If you have access to a 3d printer, thangs.com/designer/Hac...
XShot Dart Chain Expansion - 3D model by Hacksmith on Thangs
This 3d printable model lets you expand the length and capacity of your XShot Nerf dart chain giving you the ability to load in as many darts as you want. - 3D
thangs.com
December 25, 2024 at 6:04 PM
If you have access to a 3d printer, thangs.com/designer/Hac...
I think this comment really made it click for me why this is useful in a way that the docs alone hadn't!
December 17, 2024 at 5:48 PM
I think this comment really made it click for me why this is useful in a way that the docs alone hadn't!