Shinsegae Confirms An Employee Stole Gift Certificates Bought By NCT's Jaemin For His Fans - KpopNewsHub – Latest K-Pop News, Idols & Korean Entertainment

Upon investigation, Shinsegae Group has confirmed the allegations that an employee stole multiple gift certificates that NCT’s Jaemin had purchased as gifts

WebPKI and You

There’s been a push over the last twelve years to move web traffic off unencrypted HTTP to encrypted HTTPS, to protect the general public from dragnet surveillance, gaping assholes on public wifi>airpwn, backhauls over unencrypted satellites, that kinda thing. HTTPS relies on a public key infrastructure to make sure only authorized servers have keys for specific websites. [>oid]: an OID or “Object IDentifier” is intended [brs]: https://cabforum.org/working-groups/server/baseline-requirements/documents/CA-Browser-Forum-TLS-BR-2.1.8.pdf [crtsh]: https://crt.sh/?q=blog.brycekerley.net [lol-diginotar]: https://en.wikipedia.org/wiki/DigiNotar#Issuance_of_fraudulent_certificates [iv-ocsp]: https://www.imperialviolet.org/2011/03/18/revocation.html [>mac-ocsp]: Jeff Johnson’s [>crlite]: these use cascading bloom filters which [>short-lived]: the CA/BF baseline requirements [trustico-chrome]: https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html [trustico-gone]: https://arstechnica.com/information-technology/2018/03/trustico-website-goes-dark-after-someone-drops-critical-flaw-on-twitter/ [trustico-compromise]: https://groups.google.com/g/mozilla.dev.security.policy/c/wxX4Yv0E3Mk/m/o1cdfx2nAQAJ [>enclaves]: Amazon Web Services (AWS) and [>history]: i mean, i remember from when it happened [>parasite]: You may have realized that I don’t think [van-halen]: https://snackstack.net/2023/07/03/in-search-of-van-halens-brown-mms/ [>osi]: I’m not going to hit you with a [>responsibility]: in every part of your life! [>bloom]: [>later]: At time of publishing, it’s March 8, 2026 [hsts]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security [>hsts]: This is generally a hardcoded value, [>cattle]: “cattle” is when there’s [ari]: https://letsencrypt.org/2025/09/16/ari-rfc [>caddy-ari]: I checked Caddy, the front-end server [>left]: there may be value in trying to renew [audits]: https://cabforum.org/about/information/auditors-and-assessors/audit-criteria/

Kubernetes Certificate Rotation

Complete guide to Kubernetes certificate rotation - automatic and manual methods for kubeadm, RKE2, and K3s clusters.

LVFS: Home

DNS-PERSIST-01: A New Model for DNS-based Challenge Validation

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

Problems with importing Firewall CA Certificate

We have Sophos Firewall and need to import its CA certificate into the system’s Trusted CA store as websites give an "Untrusted Certificate Error" upon connecting to the VPN. The websites...