-
Podcast Jun 12, 2020
Root Causes 99: AddTrust Root Expiration Explained
The recent expiration of Sectigo's AddTrust legacy root caused some systems to stop working and forced some admins to keep working over the weekend.
-
Podcast Jun 08, 2020
Root Causes 98: DMARC and Verified Mark Certificates for Email
A new kind of identity certificate is coming that will enable businesses to include their logos in official email.
-
Podcast Jun 04, 2020
Root Causes 97: Firefox to Deprecate Support for FTP
Mozilla has announced its intention to remove support for FTP from the Firefox browser.
-
Blog Post Jun 02, 2020
This past Saturday Sectigo’s twenty-year-old AddTrust legacy root expired. Read here to learn what happened and why.
-
Podcast Jun 01, 2020
Root Causes 96: Signal May Leave USA to Protect End-to-End Encryption
Congress's proposed EARN IT act has many industry observers worried about its potential effect on the integrity of encrypted communication.
-
Podcast May 28, 2020
Root Causes 95: Cryptographic Key Vaulting
For PKI to be secure, private keys need to remain private. In this episode we explain "vaulting" for keys or other shared secrets.
-
Podcast May 26, 2020
Root Causes 94: Revocation Checking Through OCSP and CRL
One essential portion of the certificate lifecycle is the ability to revoke certificates. Public SSL certificates use a pair of mechanisms to communicate this revocation status to client machines, CRL and OCSP. In this episode we explain how these mechanisms work and some of their strengths and challenges.
-
Podcast May 21, 2020
Root Causes 93: Videoconferencing Phishing
With the global workforce's massive shift to work-from-home, a clever new set of opportunistic social engineering attacks has sprung up to take advantage of our unfamiliarity with our new communication and collaboration applications and processes. In this episode our hosts describe these new attacks and what IT departments can do to combat them.
-
Podcast May 18, 2020
Root Causes 92: COVID-19 Immunity Passports
As we plan our societal return to normalcy, a number of people and groups are discussing the concept of an electronic "immunity passport" that individuals can possess if they are known to be immune to COVID-19 (possibly through vaccination or prior infection). Today our hosts discuss the requirements for such an immunity passport, some of the opportunities and challenges in putting this kind of system in place, and how existing schemes and systems may fit into an immunity passport initiative.
-
Webinar May 15, 2020
Making Zero Trust Possible
Join us with 451 Research in this webinar, as we explore zero trust and what makes it possible, and how organizations can take advantage of zero trust now.
-
Podcast May 13, 2020
Root Causes 91: Rabobank Banking App Outage
"Zero Trust" is an IT security philosophy that maximizes protection from threats by tightly controlling access and permissions for every individual, device, and process in the organization's environment. Learn how digital identity and certificates play a key role in operating a secure Zero Trust strategy.
-
Podcast May 11, 2020
Root Causes 90: An Analysis of Distributed PKI
Advocates of distributed PKI say it will eliminate weaknesses in traditional, hierarchical PKI. In this episode we test if these claims to see hold up.