Profile

Cover photo
Carl Mehner
119 followers|182,677 views
AboutPostsPhotos

Stream

Carl Mehner

Shared publicly  - 
 
Like my PKI Posters?
You can now buy them printed on all sorts of cool things!

thank you for your support
4
1
Carl Mehner's profile photoRIch Davey's profile photoAnge Albertini's profile photo
4 comments
 
Congrats!
Add a comment...

Carl Mehner

Shared publicly  - 
 
Our hard work getting called out on the TWiT​ network for our A+ SSL rating!
Thanks +Leo Laporte for your membership
1
Add a comment...

Carl Mehner

Shared publicly  - 
 
Here is the rather impromptu talk I gave at +LASCON 2014 about TLS and how I discovered CVE-2014-4449 and showed a bypass of the TLS certificate validation in certain connections to iCloud.
2
RIch Davey's profile photo
 
Great Job! Further proof that key and algorithm strength are not the only elements to good cryptographic implementations.
Add a comment...

Carl Mehner

Shared publicly  - 
 
New PKI Poster, the PKCS #7 (or as it's known on windows: p7b)
2
Add a comment...

Carl Mehner

Shared publicly  - 
2
3
Filipe Rodrigues's profile photoJonathan Pirro (Spike)'s profile photo
Add a comment...

Carl Mehner

Shared publicly  - 
 
new post with a bit more explaination of the rsa key posters I made
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part One). 2014-12-21. To better understand the ins and outs of TLS certificates and the way they are stored in files, I decided to do a short series on the different PKCS (Public Key Cryptography Standards) that ...
8
3
Gonzalo Antonio Sosa M.'s profile photoJvr Portu's profile photoThe SciaticNerd's profile photoDenis Denisov's profile photo
2 comments
 
check this +Víctor Jiménez 
Add a comment...
Have him in circles
119 people
Oussama Amri's profile photo
netzwerkundsystem Oldenburg's profile photo
Garrett Heaton's profile photo
Jean-Christophe Sirot's profile photo
John Draper's profile photo
Welkson Renny de Medeiros's profile photo
John Geck's profile photo
ionut jula's profile photo
Joachim Kessel's profile photo

Carl Mehner

Shared publicly  - 
 
Revocation Posters! CRL and OCSP

(even though +Adam Langley rightly says it does not work :-P )
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Seven). 2015-04-02. Certificate revocation has been done in two primary ways Certificate Revocation Lists (CRLs) and the Online Certificate Status Protocol (OCSP) at least until some browsers stopped checking ...
4
Robin Alden's profile photoCarl Mehner's profile photo
2 comments
 
Thanks +Robin Alden​, I agree with you there, ​about crlsets, especially since the only serials that are included are the "interesting" ones.
Add a comment...

Carl Mehner

Shared publicly  - 
 
Curious about keystores? Here are two more PKI posters, PFX and JKS.
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Six). 2015-03-15. One thing that is noticeably, different, from, previous, posters is that these formats are not encoded in base64, they are binary files. Most of the other files can be interpreted by ...
2
1
Jose Villasenor's profile photo
Add a comment...

Carl Mehner

Shared publicly  - 
 
[new post] PKCS #7
The Certificate Chain
http://www.cem.me/20150301-cert-binaries-5.html
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Five). 2015-03-01. Previous Posts: (Part One, Part Two, Part Three, Part Four). Certificates used in webservers and other end-entity uses are signed by issuers (which should not be root CAs, ...
3
Add a comment...

Carl Mehner

Shared publicly  - 
 
What is in a certificate?
Here's a byte-by-byte breakdown on the basis of trust for TLS communication. (Part four in a series)
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Four). 2014-02-09. If you missed the previous posts, you may want to read them first (Part One, Part Two, Part Three). After the certificate authority (CA) receives the CSR, it signs it, then sends back the ...
3
2
Carl Mehner's profile photoJürgen Christoffel's profile photoMartin H. Sluka's profile photo
2 comments
 
I looked into it, right now they are at the back of my planed list. (But that's only 5-6 deep)
Add a comment...

Carl Mehner

Shared publicly  - 
 
How does a CSR look on the inside? a post explaining the structure of the CSR.
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Three). 2015-01-21. If you missed the previous posts, you may want to read them first (Part One, Part Two). This first part is a building block for more wonderful things to come. The Distinguished Name for ...
7
2
Jvr Portu's profile photoAnge Albertini's profile photo
Add a comment...

Carl Mehner

Shared publicly  - 
 
::New Blog Post::
A detailed explanation of the PKCS#8 Private Key posters.
index · about · Google+ · cem.me. carl mehner's blog. Certificate Binary Posters (Part Two). 2015-01-04. If you missed the previous post, you may want to read that first (Part One). The previous post shows one way to store private keys, the PKCS#1 format. This post shows a different format, ...
4
2
Jürgen Christoffel's profile photoRashad Prince's profile photoJvr Portu's profile photoCédric Bonhomme's profile photo
2 comments
 
dope!
Add a comment...
People
Have him in circles
119 people
Oussama Amri's profile photo
netzwerkundsystem Oldenburg's profile photo
Garrett Heaton's profile photo
Jean-Christophe Sirot's profile photo
John Draper's profile photo
Welkson Renny de Medeiros's profile photo
John Geck's profile photo
ionut jula's profile photo
Joachim Kessel's profile photo
Work
Occupation
Computer
Employment
  • Security Analyst, present
Links
Contributor to
Story
Tagline
Security Researcher
Introduction
information security is key (asymmetric)
Bragging rights
CVE-2014-4449, AT&T Bug Bounty 2014 Top 10, Microsoft Security Researcher recognition, VEN-17930
Basic Information
Gender
Male