-
Blog Post Jul 28, 2019
An article from yesterday incorrectly calls Comodo an issuer of SSL certificates. Comodo has not been in the digital certificate business since 2017, when Sectigo spun out as its own business.
-
-
Podcast Jul 24, 2019
Root Causes 29: Vulnerabilities in Cisco and Device Integrity Controls
Our hosts and guest Alan Grau discuss what is happening with security flaws in the device integrity modules various devices, why, and what to do about it.
-
Podcast Jul 22, 2019
Root Causes 28: SSL Certificate Automation Through ACME
ACME is a new SSL certificate automation standard that is taking the world by storm. Join our hosts and guest Abul Salek as they discuss this ACME.
-
Podcast Jul 18, 2019
Root Causes 27: Pending Safe Browser Guidelines from Germany
Germany has published a draft of its latest guidelines for safe browsers. Join our hosts as they discuss the requirements and their potential impact.
-
Blog Post Jul 17, 2019
Firefox to Add “Not Secure” Warning to Non-SSL Pages
In its upcoming build 70, Firefox will incorporate a “Not Secure” warning for non-SSL pages. This warning will appear to the left of the address, where the company-branded green address bar appears on sites with EV SSL certificates.
-
Podcast Jul 13, 2019
Root Causes 26: White House Wants to Prohibit End-to-End Encryption
Our hosts discuss the White House's desire to defeat widespread encryption technology through legislated "back door" access.
-
Podcast Jul 02, 2019
Root Causes 25: Entropy and Random Numbers
One cornerstone of successful cryptography is entropy, or the ability to create genuinely unpredictable values. Join our hosts as they discuss.
-
Blog Post Jul 01, 2019
I have been engaged with many decisions makers who are evaluating whether or not to use Extended Validation SSL on their sites, and I have repeatedly observed how a psychological phenomenon called loss aversion biases this decision-making process. Read on to learn more.
-
Podcast Jun 27, 2019
Root Causes 24: Certificate Revocation
Certificate revocation is an essential part of the certificate lifecycle. Join our hosts as they discuss revocation by the CA, code signing, and malware.
-
Podcast Jun 20, 2019
Root Causes 23: Global Energy Grids Under Cyber Attack
The world's energy grids and other utilities have increasingly become targets for cyber attack. Join our hosts as they discuss the latest developments.
-
Blog Post Jun 11, 2019
Why the Effect of EV SSL on Web Behavior Is Hard to Test
Extended Validation (EV) SSL certificates are a weird animal when it comes to split testing. The presence or absence of an EV certificate affects the user experience in that the company-branded green address bar is either present or absent. Split-site testing routinely shows that subtle differences make a meaningful difference.