-
Podcast Apr 09, 2019
Root Causes 11: Authentication Is Not for the Authenticated
With much debate about the importance of authentication in digital systems, it is key to remember the purpose of identity in cyber interactions.
-
Podcast Apr 03, 2019
Root Causes 10: S/MIME Automated Deployment
S/MIME certificates indicate the authentic identity of the sender and enable encryption. Find out what the challenges to past adoption have been.
-
Blog Post Mar 26, 2019
Why CAs Charge More for Extended Validation SSL
Extended Validation (EV) SSL certificates are one of three standard SSL certificate types issued by Certificate Authorities: DV, OV, and EV. What makes EV certificates different from the others is that they provide the highest assurance that the domain is NOT associated with a bad actor. When users see a company-branded address bar next to the URL, they can know that they are on a trusted domain.
So is an EV SSL certificate right for you? In order to determine this, it’s important to understand why the cost is higher than other certificate options, the unique value it provides, and how the issuance process works.
-
Podcast Mar 25, 2019
Root Causes 09: 63-bit Serial Numbers
A recently discovered flaw in common practices reveals that potentially millions of active SSL certificates fall short of cryptographic requirements.
-
Podcast Mar 18, 2019
Root Causes 08: Free PKI Is Not Free
A "free" Microsoft CA was alluring to enterprises in the 2000s. Learn about the seven common use cases where your traditional CA no longer does the job.
-
Blog Post Mar 13, 2019
63-Bit Password Emphasizes Role of Automation in Enterprise PKI
Industry PKI experts recently have discovered a flaw in certificate generation practices that employ the commonly used EJBCA CA tool, which can result in serial numbers with 63 bits of entropy as opposed to the 64 bits required by public certificate guidelines. Episodes like this one put a spotlight on the value of automation in certificate practices. Automated capabilities enable the consistently correct maintenance, revocation, and replacement of a large number of certificates with little human interaction required.
-
Blog Post Mar 12, 2019
New Research Regarding Online Criminal Marketplaces for Certificates
A recent study by Georgia State University suggests that criminal online marketplaces feature a steady supply of TLS / SSL certificates from all major public CAs. Sectigo is eager to work with researchers like these and others to help reveal criminal activity and create strategies to mitigate its effectiveness without preventing legitimate business from benefiting from public certificates.
-
Blog Post Mar 04, 2019
S/MIME 101: Maintaining DFARS Compliance Using S/MIME
Supplementing the original Defense Federal Acquisition Regulation to mandate encryption of all data at rest or in transit, DFARS creates a security baseline that must be met by all contractors. Since email is just as indispensable to defense contractors as it is to any other industry, this means that effective encryption tools must be set in place before doing business with the government.
-
Blog Post Mar 01, 2019
Authentication Is Not for the Party Being Authenticated
Many people would be surprised to learn that the purpose of digital certificates is not to enable encryption. Our IT systems are frequently engineered not to enable encryption unless certificates are in place (most obviously when connecting to a web site using a popular desktop or mobile browser), but that decision is in recognition of the original purpose of certificates, which is to authenticate the identity of a participant in a digital transaction.
-
Podcast Feb 19, 2019
Root Causes 07: Russian Disconnection from the Internet
Russia plans to disconnect from the internet as a trial exercise for full-blown cyber warfare. Learn some of the problems facing Russia if they disconnect.
-
Podcast Feb 19, 2019
Root Causes 06: Quantum-Resistant Cryptography
The pending Quantum Apocalypse requires that we replace the hashing and encryption algorithms used through the internet, and connected devices.
-
Blog Post Feb 15, 2019
Spear Phishing Attack Prevention with S/MIME
Protect your emails from spear phishing attacks with S/MIME certificate technology & learn how to recognize the warning signs of a security breach.