-
Blog Post Sep 17, 2019
Status of Browsers and EV Indicators
Browsers are in a time of change for Extended Validation (EV) SSL indicators. Where once all popular browsers reliably displayed the company name in green to the left of the web address, now Chrome and Firefox have decided to remove the company name and require a click on the lock icon to see the certificate’s identity information.
-
Podcast Sep 10, 2019
Root Causes 37: Will Quantum Annealing Break Cryptography?
In this episode we examine the potential for quantum annealing to break RSA-based cryptography sooner than expected.
-
Blog Post Sep 03, 2019
Sectigo Votes in Favor of One-Year SSL Certificate Term Limit
After careful consideration, Sectigo has decided to vote in favor of CA/Browser Forum (CABF) ballot SC22, which seeks to limit the allowed duration of TLS / SSL certificates to 397 days, or about thirteen months. It is a complex issue with pros and cons for both outcomes. This post will spell out our reasons for voting as we have.
-
Podcast Sep 03, 2019
Root Causes 36: The Search for Quantum Resistant Crypto
Finding new quantum-resistant cryptography is a difficult task requiring coordinated effort. Join us to learn how NIST is leading this effort.
-
Podcast Aug 28, 2019
Root Causes 35: Quantum Apocalypse - Mosca's Inequality and Mad Max
Our hosts discuss how long we have until quantum computers defeat today's encryption algorithms and what happens if our cryptography isn't updated in time.
-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
Podcast Aug 25, 2019
Root Causes 34: Shadow IT and PKI
Shadow IT has become a fact of the modern enterprise. This fragmentation leads to identity and access challenges, which we discuss in this episode.
-
Podcast Aug 18, 2019
Root Causes 33: Prepare for One-Year Limits on SSL Certificates
A proposed CA/Browser Forum ballot stands to limit SSL certificates to 13 months. Learn what such a change might mean to IT professionals everywhere.
-
Podcast Aug 15, 2019
Root Causes 32: Why Do Browsers & Academics Say Differently About EV?
Research shows that sites with Extended Validation SSL certificates are less likely for malware and phishing. So why do browsers say it isn't effective?
-
Blog Post Aug 14, 2019
Be Prepared for One-Year SSL Certificate Duration
A recent CA/Browser Forum ballot sponsored by Google stands to limit SSL certificate lifespans to 397 days starting in March 2020. Should this pass, organizations using two-year SSL certificates will need to change their practices to only one-year certificates moving forward. Fortunately, automation options are available.
-
Podcast Aug 12, 2019
Root Causes 31: Using PKI to Authenticate Phone Callers
Caller ID numbers have no identity value as they are completely self-reported, enabling robocalling scams. Our hosts explain a new effort to end them.
-
Webinar Aug 08, 2019
Root Causes Webinar: Securing a World of Interconnected Devices
Learn how PKI and device hardening technologies are the answer to secure your IoT devices for enterprise and critical infrastructure.