Mixing up Public and Private Keys in OpenID Connect deployments - Hanno's blog
This blog is written by Hanno Böck. Unless noted otherwise, its content is licensed as CC0.
Hanno Böck (of badkeys.info among other projects) posted an interesting article about OpenID Connect implementations that mix up their public and private keys:
25.02.2025 19:55 — 👍 2 🔁 2 💬 1 📌 0
Journalismus mit Tiefgang, von Mitgliedern finanziert.
Werde JETZT Mitglied auf jetzt.at
JETZT gemeinsam.
Innenpolitik-Redakteur beim STANDARD, gerne über Parlamentarismus und auch Vorarlberg. Laut Oma „informativ mit einem Schuss Humor“. Kaum privat hier.
Doing what I can to keep activists, journalists, and researchers safe and productive — writing at https://micahflee.com — author of HACKS, LEAKS, AND REVELATIONS https://hacksandleaks.com — signal: micah.01
🇪🇺 // JOIN ME ON MASTODON: https://edi.social/@janboehm // @ZDF Magazin Royale 🦠/ fest & flauschig @Spotify / hotline +49 30 959997666 / ❤️✊️😉 / unvernunft.berlin / boehmermann.de
Internet Security, Trust, and Safety Researcher. Stanford CS Faculty, Censys Founder and Chief Scientist, ZMap Creator. https://zakird.com/
@harkank@chaos.social = 127.0.0.1
Still your mom’s favorite hacker!
You may know me from the Austrian parliament or national library, "hacktivist", computers this and that.
https://cards-for-ukraine.at
https://www.wired.com/story/heisse-preise-food-prices/
@badlogic@mastodon.gamedev.place
https://mariozechner.at
Visual Investigations at The New York Times
historian, affiliate ACIPSS, tweets about: spy stuff, terrorism, military history & film
Immer dort, wo es brennt. Wien. Journalist DER STANDARD & Watchblog & investigative Recherchen, Krautreporter
Politik, Medien & Sonstiges | Kein ORF-Account | Blog: arminwolf.at | Foto: Peter Rigaud
CEO and founder of runZero.com, previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams. Contact info, presentations, and more at https://hdm.io/
Web security research from the team at PortSwigger.
Substack: http://lcamtuf.substack.com/archive
Homepage: http://lcamtuf.coredump.cx
ɿɘɘniϱnɘ ɘƨɿɘvɘɿ
🎦 youtube.com/@jiskac
📝 naehrdine.blogspot.com
🐥 twitter.com/naehrdine
🎓 hpi.de/classen
📱 reversing.training
offensive security researcher
I'm more active on mastodon, so if you're on both check me out there:
https://hachyderm.io/@zcutlip
I also was https://twitter.com/zcutlip before...well you know
I like writing silly skeets, but that doesn't pay so I also make Google Chrome. mamá, Eng Director, volunteer at Second Harvest. 🇺🇲🇨🇷
Twitter: @__apf__
