-
Podcast Sep 29, 2019
Root Causes 40: The Reports of RSA's Death Are Greatly Exaggerated
Security newcomer Crown Sterling claimed to factor the RSA algorithm. Join our hosts as they debunk this misleading rumor and discuss RSA encryption today.
-
Podcast Sep 26, 2019
Root Causes 39: New University Research on Phishing and Certificates
The majority of phishing sites now use SSL certificates to closely imitate the behavior of legitimate sites. Join our hosts as we dig into these findings.
-
Podcast Sep 23, 2019
Root Causes 38: Interesting Breaches In August
The month of August saw some unusual criminal activity when it comes to PKI and malware. Our hosts explain four August news stories.
-
Webinar Sep 23, 2019
PKI for DevOps Orchestration
Learn how TLS certificates and code signing within CI/CD pipelines help you secure your DevOps environment.
-
Blog Post Sep 17, 2019
Status of Browsers and EV Indicators
Browsers are in a time of change for Extended Validation (EV) SSL indicators. Where once all popular browsers reliably displayed the company name in green to the left of the web address, now Chrome and Firefox have decided to remove the company name and require a click on the lock icon to see the certificate’s identity information.
-
Podcast Sep 10, 2019
Root Causes 37: Will Quantum Annealing Break Cryptography?
In this episode we examine the potential for quantum annealing to break RSA-based cryptography sooner than expected.
-
Blog Post Sep 03, 2019
Sectigo Votes in Favor of One-Year SSL Certificate Term Limit
After careful consideration, Sectigo has decided to vote in favor of CA/Browser Forum (CABF) ballot SC22, which seeks to limit the allowed duration of TLS / SSL certificates to 397 days, or about thirteen months. It is a complex issue with pros and cons for both outcomes. This post will spell out our reasons for voting as we have.
-
Podcast Sep 03, 2019
Root Causes 36: The Search for Quantum Resistant Crypto
Finding new quantum-resistant cryptography is a difficult task requiring coordinated effort. Join us to learn how NIST is leading this effort.
-
Podcast Aug 28, 2019
Root Causes 35: Quantum Apocalypse - Mosca's Inequality and Mad Max
Our hosts discuss how long we have until quantum computers defeat today's encryption algorithms and what happens if our cryptography isn't updated in time.
-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
Podcast Aug 25, 2019
Root Causes 34: Shadow IT and PKI
Shadow IT has become a fact of the modern enterprise. This fragmentation leads to identity and access challenges, which we discuss in this episode.
-
Podcast Aug 18, 2019
Root Causes 33: Prepare for One-Year Limits on SSL Certificates
A proposed CA/Browser Forum ballot stands to limit SSL certificates to 13 months. Learn what such a change might mean to IT professionals everywhere.