An ETSI GS QKD Compliant TLS Implementation

A modification of the TLS protocol is presented, using our implementation of the Quantum Key Distribution QKD standard ETSI GS QKD 014 v1.1.1. We rely on the Rustls library for this. The TLS protocol is modified while maintaining backward compatibility on the client and server side. We thus wish ...

AZL-27814 CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...