TLS 1.3 is required to take advantage of post quantum cryptography (PQC) algorithms. Yes, we still see a lot of TLS 1.2 or earlier in deployment. We examine why this is the case and what to do about it.
Tim Callan
Chief Compliance Officer
As Chief Experience Officer, Tim Callan leads efforts to optimize the customer journey across all aspects of the business. Tim has more than 20 years of experience as a strategic marketing and product leader for successful B2B software and SaaS companies, with 15 years of experience in the SSL and PKI technology spaces.
Tim Callan has over 20 years of experience in the SSL and PKI technology spaces. Tim leads Sectigo's conformance with industry and regulatory requirements including browser root programs, WebTrust, CA/Browser Forum, and more. Tim is instrumental in driving initiatives to improve certificate agility and successful issuance. A founding member of the CA/Browser Forum and current vice-chair for one of its working groups, Tim is creator and co-host of Root Causes: A PKI and Security Podcast, the world’s most popular podcast dedicated to digital certificates. With 400+ episodes published, Tim is on the forefront of explaining trends that will be essential to the IT professionals, including shortening certificate lifespans and the coming change to post-quantum cryptography.
Recent posts by Tim Callan
Recent revelations about Mythos and its ability to expose vulnerabilities have forced us to rethink basic assumptions about cyber defense. In our "AI in 1000 Days" series, Jason Soroko and I examine the implications of these revelations three years from now. This includes upping the overall pace of attack and changes to best practices in cyber security defense.
Anthropic has delayed its widespread release of Mythos to give major software providers a chance to close off the many vulnerabilities it has discovered. We dig into the vast implications of Mythos and other AI models for the future of cybersecurity.
We discuss the possibility that our standardized ML-DSA keys turn out to be too short for true confidence, why that might occur, and the implications for private PKI certificates.
Sam Jaques joins us to explain his much-referenced chart mapping progress toward cryptographically relevant quantum computing (CRQC).
We break down the phrase "Simplicity at Scale" to see what it means to us in the context of CAs and CLM.
A few years ago NIST proposed deadlines for PQC deployment at 2030 and 2035. But recent announcements from Google and Cloudflare suggest 2029 as a better deprecation target. We are joined by Dustin Moody to get the NIST perspective on these announcements.
X9 PKI is a shared private trust model for U.S. finance, not a public WebPKI replacement, with unique benefits and tradeoffs.
Recent announcements from Google and Cloudflare have declared new 2029 deadlines for full post quantum cryptography (PQC) migration. Bas Westerbaan explains the rationale behind Cloudflare's decision and discusses implications for other enterprises., asking "Are you a gambler?"