-
Listen Now
EPISODE 39
Broadcast Date:
September 26, 201920 minutes
Podcast Sep 26, 2019Root Causes 39: New University Research on Phishing and Certificates
The majority of phishing sites now use SSL certificates to closely imitate the behavior of legitimate sites. Join our hosts as we dig into these findings.
-
Listen Now
EPISODE 38
Broadcast Date:
September 23, 201929 minutes
Podcast Sep 23, 2019Root Causes 38: Interesting Breaches In August
The month of August saw some unusual criminal activity when it comes to PKI and malware. Our hosts explain four August news stories.
-
Watch Now
54 minutes
Webinar Sep 23, 2019PKI for DevOps Orchestration
Learn how TLS certificates and code signing within CI/CD pipelines help you secure your DevOps environment.
-
Blog Post Sep 17, 2019
Status of Browsers and EV Indicators
Browsers are in a time of change for Extended Validation (EV) SSL indicators. Where once all popular browsers reliably displayed the company name in green to the left of the web address, now Chrome and Firefox have decided to remove the company name and require a click on the lock icon to see the certificate’s identity information.
-
Listen Now
EPISODE 37
Broadcast Date:
September 10, 201921 minutes
Podcast Sep 10, 2019Root Causes 37: Will Quantum Annealing Break Cryptography?
In this episode we examine the potential for quantum annealing to break RSA-based cryptography sooner than expected.
-
Blog Post Sep 03, 2019
Sectigo Votes in Favor of One-Year SSL Certificate Term Limit
After careful consideration, Sectigo has decided to vote in favor of CA/Browser Forum (CABF) ballot SC22, which seeks to limit the allowed duration of TLS / SSL certificates to 397 days, or about thirteen months. It is a complex issue with pros and cons for both outcomes. This post will spell out our reasons for voting as we have.
-
Listen Now
EPISODE 36
Broadcast Date:
September 3, 201921 minutes
Podcast Sep 03, 2019Root Causes 36: The Search for Quantum Resistant Crypto
Finding new quantum-resistant cryptography is a difficult task requiring coordinated effort. Join us to learn how NIST is leading this effort.
-
Listen Now
EPISODE 35
Broadcast Date:
August 28, 201920 minutes
Podcast Aug 28, 2019Root Causes 35: Quantum Apocalypse - Mosca's Inequality and Mad Max
Our hosts discuss how long we have until quantum computers defeat today's encryption algorithms and what happens if our cryptography isn't updated in time.
-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
Listen Now
EPISODE 34
Broadcast Date:
August 25, 201923 minutes
Podcast Aug 25, 2019Root Causes 34: Shadow IT and PKI
Shadow IT has become a fact of the modern enterprise. This fragmentation leads to identity and access challenges, which we discuss in this episode.
-
Listen Now
EPISODE 33
Broadcast Date:
August 18, 201917 minutes
Podcast Aug 18, 2019Root Causes 33: Prepare for One-Year Limits on SSL Certificates
A proposed CA/Browser Forum ballot stands to limit SSL certificates to 13 months. Learn what such a change might mean to IT professionals everywhere.
-
Listen Now
EPISODE 32
Broadcast Date:
August 15, 201925 minutes
Podcast Aug 15, 2019Root Causes 32: Why Do Browsers & Academics Say Differently About EV?
Research shows that sites with Extended Validation SSL certificates are less likely for malware and phishing. So why do browsers say it isn't effective?
