And it's not a lead spam database. It's used for connecting with subject matter experts if you want to ask questions or ask for feedback/improvement on an application, or for research on anything
Thank you for pointing that out, and I apologize for the lack of clarity in my earlier statement. In this process, we utilized ChatGPT to process and generate the related keywords.
I think the confusion comes from the fact that the linked page is not a text article, its actually an AUTOPLAYING VIDEO for a small news station. There is not actual text content
IIRC, if you have a private key you can be able to force a revocation regardless of what the owner wants. In some such as Let's Encrypt it is fully automated.
If this is a repo private, you should be realize it with a private CA that you import or is on every corp machine.
Baseline Requirements force a revocation within x hours on key disclosure.
I didn't know about CA/Browser forum and the Baseline Requirements. Thanks, will check it out!
// Edit: Relevant section:
The Subscriber Agreement or Terms of Use MUST contain provisions imposing on the Applicant [..] the following obligations and warranties:
[...]
Protection of Private Key: An obligation and warranty by the Applicant to take all reasonable measures to assure control of, keep confidential, and properly protect at all times the Private Key [...]
> Looking at digicert[1], if a revocation request is submitted, the owner must approve it. What happens if I just don't approve it?
So in this case, this is the happy-case where you as the owner wish to simply realize the cancellation a cert that you are no longer using.
A different workflow applies, such that you have the private key you instead send a POST to 'https://problemreport.digicert.com/api/keys/compromised' with the private key in the JSON body and it will be queued. It is mandatory Baseline Requirements wise to cancel the certificate within 24 hours in the compromised case - usually instant if the pk matches cert - with the expectation that of course the owner will not go this route.
We haven't had any issue getting all of our staff -- nontechnical users alike -- on yubikeys. As part of education we skip the PKI portion and just point out that it is "like your physical house key. You plug it in and touch it to turn the key to unlock"
For business use, handing out yubikeys is completely reasonable - if they're lost or broken, the company is the authority and they can (and do) just re-issue a new one and work goes on with only a temporary interruption. They're easy to explain, fast to use, provide practical security, and are simple to recover in case of total failure.
For personal use, that equation is wildly different. Google isn't going to let you attach a brand new key, you've just lost your account forever because it rained.
Yes, and our staff uses ssh keys (generally but not always without issue) and a commercial MFA app. It's one thing to get this stuff used in a controlled environemnt where you have a help desk or administrators who can do a lot of the setup. You just hand the employee their YubiKey or smart card and say "use this."
Trying to imagine your grandmother setting it up herself to be able to log in to her Facebook is another matter, and why these things have never worked for the general public.
You probably use certificates and a company PKI to manage them. No need to stress if one is lost or locked, just revoke and whip up a new certificate.
At home Yubikey is probably synonymous to FIDO not PIV/PKI. No whipping up a new one if you lose it. You better have 3 of them enrolled at any time, and have at least one stored off site.
We enroll them as standard fido/webauthn - I hate the other modes.
I agree it requires significantly more work when you can't just call the locksmith for a new one -- IT -- if you lose one on your personal account you can only go get the spare key hidden under the doormat, a printed code in your safe, or lose the account.
The Tesla owner in the article intentionally rammed his car repeatedly into a Waymo then publicly said Waymos kept hitting his car???
How stupid do you have to be to do this when both your vehicle AND the other vehicle continuously record at all times from every angle and stream it to the cloud?
Yeah, but when it's a crime of passion like that, thinking goes out the window. I doubt the driver of the Tesla woke up in the morning and decided that today they were going to ram a Waymo.
Really of you're going to mess with autonomous cars which by definition are a rolling camera, you gotta be more discreet. Sprinkle a few caltrops out your pant leg while you walk in front of it or something.
> I doubt the driver of the Tesla woke up in the morning and decided that today they were going to ram a Waymo.
Of course, not; probably more like, he fantasized about it for months, and it was a new version of some old fantasy he's been carrying carried since adolescence.
