-
Podcast Sep 25, 2024
Root Causes 424: Using LoRA IoT Protocol for Clandestine Communication
In this episode we describe the LoRA protocol, which allows IoT devices to communicate securely without using a cellular network.
-
Podcast Sep 20, 2024
Root Causes 423: Is a Certificate Software or a Service?
In this episode we discuss the dual nature of a public certificate as both a file and part of a holistic service that lasts until its expiration.
-
Podcast Sep 19, 2024
Root Causes 422: New Date for Entrust Distrust
With a few easy tweaks, you can get your track to listeners most likely to love it. Learn more about how to modify your track to make it eligible.
-
Podcast Sep 16, 2024
Root Causes 421: FIDO 2 Implementation Problems
White hat researchers have raised concerns about FIDO 2 (AKA WebAuthn). We explain.
-
Podcast Sep 13, 2024
Root Causes 420: New Side Channel Attack Against YubiKeys
EUCLEAK, a newly revealed side-channel vulnerability, can clone the contents of a YubiKey. We talk about the attack and its significance.
-
Podcast Sep 10, 2024
Root Causes 419 - What Happens to Vendors Who Don't Support ACME?
There are still products and operating systems that don't support ACME. We explore what happens to them when 90-day SSL certificates become required.
-
Podcast Sep 06, 2024
Root Causes 418: From Cryptographic Homogeneity to Heterogeneity
PQC will move us from cryptographic homogeneity to cryptographic heterogeneity, with multiple KEMs and DSAs eventually expected as ongoing standards.
-
Podcast Sep 03, 2024
Root Causes 417: Introducing pkimetal, the PKI Meta-linter
We introduce pkimetal, an open source project from Rob Stradling that allows CA to write to many popular linters with a single integration.
-
Podcast Aug 30, 2024
Root Causes 416: Subscriber Restraining Order Prevents Revocation
An enterprise SSL subscriber recently used a Temporary Restraining Order to prevent the proper revocation of misissued certificates. We explain.
-
Podcast Aug 27, 2024
Root Causes 415: What Can I Do with These New FIPS PQC Standards?
NIST recently released PQC algorithmic standards in FIPS-203, 204, and 205. We describe what is necessary for enterprises to begin using these algorithms.
-
Podcast Aug 23, 2024
Root Causes 414: What Are the Revocation Periods for Public Certs?
We detail mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
-
Podcast Aug 16, 2024
Root Causes 413: NIST Releases Standards for Three PQC Algorithms
On August 13, 2024, NIST released its first three standards for PQC algorithms, ML-KEM, ML-DSA, and SLH-DSA.