-
Listen Now
EPISODE 421
Broadcast Date:
September 16, 20248 minutes
Podcast Sep 16, 2024Root Causes 421: FIDO 2 Implementation Problems
White hat researchers have raised concerns about FIDO 2 (AKA WebAuthn). We explain.
-
Listen Now
EPISODE 420
Broadcast Date:
September 13, 202413 minutes
Podcast Sep 13, 2024Root Causes 420: New Side Channel Attack Against YubiKeys
EUCLEAK, a newly revealed side-channel vulnerability, can clone the contents of a YubiKey. We talk about the attack and its significance.
-
Listen Now
EPISODE 419
Broadcast Date:
September 10, 202416 minutes
Podcast Sep 10, 2024Root Causes 419 - What Happens to Vendors Who Don't Support ACME?
There are still products and operating systems that don't support ACME. We explore what happens to them when 90-day SSL certificates become required.
-
Learn More
Current state of quantum cryptography & why readiness is key
Blog Post from Sectigo
Blog Post Sep 09, 2024The quantum era threatens traditional cryptography. Quantum-resistant algorithms are emerging, and organizations must prepare for the coming changes.
-
Listen Now
EPISODE 418
Broadcast Date:
September 6, 202418 minutes
Podcast Sep 06, 2024Root Causes 418: From Cryptographic Homogeneity to Heterogeneity
PQC will move us from cryptographic homogeneity to cryptographic heterogeneity, with multiple KEMs and DSAs eventually expected as ongoing standards.
-
Listen Now
EPISODE 417
Broadcast Date:
September 3, 20249 minutes
Podcast Sep 03, 2024Root Causes 417: Introducing pkimetal, the PKI Meta-linter
We introduce pkimetal, an open source project from Rob Stradling that allows CA to write to many popular linters with a single integration.
-
Listen Now
EPISODE 416
Broadcast Date:
August 30, 202423 minutes
Podcast Aug 30, 2024Root Causes 416: Subscriber Restraining Order Prevents Revocation
An enterprise SSL subscriber recently used a Temporary Restraining Order to prevent the proper revocation of misissued certificates. We explain.
-
Listen Now
EPISODE 415
Broadcast Date:
August 27, 202420 minutes
Podcast Aug 27, 2024Root Causes 415: What Can I Do with These New FIPS PQC Standards?
NIST recently released PQC algorithmic standards in FIPS-203, 204, and 205. We describe what is necessary for enterprises to begin using these algorithms.
-
Listen Now
EPISODE 414
Broadcast Date:
August 23, 202412 minutes
Podcast Aug 23, 2024Root Causes 414: What Are the Revocation Periods for Public Certs?
We detail mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
-
Listen Now
EPISODE 413
Broadcast Date:
August 16, 20247 minutes
Podcast Aug 16, 2024Root Causes 413: NIST Releases Standards for Three PQC Algorithms
On August 13, 2024, NIST released its first three standards for PQC algorithms, ML-KEM, ML-DSA, and SLH-DSA.
-
Listen Now
EPISODE 412
Broadcast Date:
August 13, 202410 minutes
Podcast Aug 13, 2024Root Causes 412: Google Throws in the Towel on Eliminating Cookies
We have in the past covered Chrome's initiatives to replace cookies. Now Chrome has announced that for the foreseeable future cookies will remain.
-
Listen Now
EPISODE 411
Broadcast Date:
August 9, 202420 minutes
Podcast Aug 09, 2024Root Causes 411: PQC Security Levels
Repeat guest Bas Westerbaan of Cloudflare talks through the concept of "security levels" in post-quantum cryptography.