{"text":"@sophieschmieg @neverpanic @soatok we do not lack good cryptographic libraries, but a good signature format schemes that works fully offline and does not try to impose complicated\/online setups both for signing and verification.I find sigstore exceedengly complicated for simple software signing cases for example.I do not mind additional transparency ledgers or assurances if they are additive properties.Algoritmic agility and design that makes it easy to use with HSMs is a must.","truncated":false,"created_at":"Fri Jan 02 06:14:48 +0900 2026","in_reply_to_status_id":"11834025","uri":"https:\/\/fosstodon.org\/users\/simo5\/statuses\/115819563801233093","source":"ActivityPub","source_link":null,"id":11834026,"in_reply_to_user_id":41310,"in_reply_to_screen_name":"sophieschmieg","geo":null,"user":{"id":293424,"name":"Simo \u2714\ufe0f","screen_name":"simo5","location":null,"description":"Cryptography Team @ Red Hat","profile_image_url":"https:\/\/gnusocial.jp\/avatar\/293424-48-20260101165707.webp","profile_image_url_https":"https:\/\/gnusocial.jp\/avatar\/293424-48-20260101165707.webp","profile_image_url_profile_size":"https:\/\/gnusocial.jp\/avatar\/293424-96-20260101165707.webp","profile_image_url_original":"https:\/\/gnusocial.jp\/avatar\/293424-original-tmp20260101165623.webp","groups_count":0,"linkcolor":false,"backgroundcolor":false,"url":null,"protected":false,"followers_count":0,"friends_count":0,"created_at":"Fri Nov 08 10:07:12 +0900 2024","utc_offset":"0","time_zone":"UTC","statuses_count":9,"following":false,"statusnet_blocking":false,"notifications":false,"statusnet_profile_url":"https:\/\/fosstodon.org\/@simo5","cover_photo":false,"background_image":false,"profile_link_color":false,"profile_background_color":false,"profile_banner_url":false,"is_local":false,"is_silenced":false,"rights":{"delete_user":false,"delete_others_notice":false,"silence":false,"sandbox":false},"is_sandboxed":false,"favourites_count":0},"statusnet_html":"<p><a href=\"https:\/\/infosec.exchange\/@sophieschmieg\" class=\"u-url mention\">@sophieschmieg<\/a> <a href=\"https:\/\/chaos.social\/@neverpanic\" class=\"u-url mention\">@neverpanic<\/a> <a href=\"https:\/\/furry.engineer\/@soatok\" class=\"u-url mention\">@soatok<\/a> we do not lack good cryptographic libraries, but a good signature format schemes that works fully offline and does not try to impose complicated\/online setups both for signing and verification.<\/p><p>I find sigstore exceedengly complicated for simple software signing cases for example.<\/p><p>I do not mind additional transparency ledgers or assurances if they are additive properties.<\/p><p>Algoritmic agility and design that makes it easy to use with HSMs is a must.<\/p>","statusnet_conversation_id":6005024,"statusnet_in_groups":false,"external_url":"https:\/\/gnusocial.jp\/notice\/11834026","in_reply_to_profileurl":"https:\/\/infosec.exchange\/@sophieschmieg","in_reply_to_ostatus_uri":"https:\/\/infosec.exchange\/users\/sophieschmieg","attentions":[{"id":34725,"screen_name":"soatok","fullname":"Soatok Dreamseeker","profileurl":"https:\/\/furry.engineer\/@soatok","ostatus_uri":"https:\/\/furry.engineer\/users\/soatok"},{"id":41310,"screen_name":"sophieschmieg","fullname":"Sophie Schmieg","profileurl":"https:\/\/infosec.exchange\/@sophieschmieg","ostatus_uri":"https:\/\/infosec.exchange\/users\/sophieschmieg"},{"id":251115,"screen_name":"neverpanic","fullname":"Clemens","profileurl":"https:\/\/chaos.social\/@neverpanic","ostatus_uri":"https:\/\/chaos.social\/users\/neverpanic"}],"fave_num":0,"repeat_num":0,"is_post_verb":true,"is_local":false,"favorited":false,"repeated":false}