PHP Now Supports Argon2 Next-Generation Password Hashing Algorithm

An anonymous reader quotes Bleeping Computer: PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language’s support for cryptography and password hashing algorithms. Of all changes, the most significant is, by far, the support for Argon2, a password hashing algorithm developed in the early 2010s. Back in 2015, Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest. The algorithm is currently considered to be superior to Bcrypt, today’s most widely used password hashing function, in terms of both security and cost-effectiveness, and is also slated to become a favorite among cryptocurrencies, as it can also handle proof-of-work operations. The other major change in PHP 7.2 was the removal


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BFCAz2RcS2E/php-now-supports-argon2-next-generation-password-hashing-algorithm

Original article

StartCom Will Stop Issuing Certificates, Revoking Them All in 2020

thegarbz writes: Startcom, a certificate authority which as we covered previously has been distrusted by Mozilla, by Google, and recently also by Microsoft, has announced that it will cease trading as a Certificate Authority. While their website currently shows no indication that their certificates have any problems, a news posting has announced their intentions to stop providing certificates as of January 2018, and to revoke all remaining certificates in 2020.

The original submission also says StartCom sent an email to all their former customers — including customers of their free StartSSL certificates — announcing their intentions.

As you are surely aware, the browser makers distrusted StartCom around a year ago and therefore all the end entity certificates newly issued by StartCom are not trusted by default in browsers.

The browsers imposed some conditions in order for the certificates to be re-accepted. While StartCom believes that these conditions have been met, it


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fgBFvjwyPLY/startcom-will-stop-issuing-certificates-revoking-them-all-in-2020

Original article

Show HN: Manage raw WebSockets from AWS Lambda using Fanout

README.md

Author: Justin Karneges justin@fanout.io
Function-as-a-service backends are not well-suited for handling long-lived connections, such as HTTP streams or WebSockets, because the function invocations are meant to be short-lived. The FaaS GRIP library makes it easy to delegate long-lived connection management to Fanout Cloud. This way, backend functions only need to be invoked when there is connection activity, rather than having to run for the duration of each connection.
This library is intended for use with AWS Lambda and AWS API Gateway. Support for other FaaS backends may be added in the future.

Install this module:

Set the GRIP_URL environment variable containing your Fanout Cloud settings, of the form:
https://api.fanout.io/realm/your-realm?iss=your-realm&key=base64:your-realm-key

Next, set up an API and resource in AWS API Gateway to point to your Lambda function, using a Lambda Proxy Integration. If you wish to support WebSockets, be sure to add application/websocket-events as a Binary media type.
Finally, edit the Fanout Cloud domain


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/irh-FmC859o/python-faas-grip

Original article

Termination of StartCom business

Termination of StartCom business

16th Nov. 2017

16th Nov. 2017.

StartCom has played a critical role as a Certification Authority in data security and electronic commerce by providing an independent “trusted third party” guarantee all these years.
Around a year ago the majority of the browser makers decided to distrust StartCom, remove the StartCom root certificates from their root stores and not accept newly end entity certificates issued by StartCom.
Despite the efforts made during this time by StartCom, up to now, there has not been any clear indication from the browsers that StartCom would be able to regain the trust. Therefore, the owners of StartCom have decided to terminate StartCom as a Certification Authority (CA).
From January 1st, 2018, StartCom will not issue any new end entity certificate and will only provide validation services through its OCSP and CRL services


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/rxrvcg63jX0/newDetail

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: