-
Listen Now
EPISODE 100
Broadcast Date:
June 15, 202012 minutes
Podcast Jun 15, 2020Root Causes 100: OpenSSH Deprecates SHA-1
Once widely used, SHA-1 is considered insecure today and has been deprecated from the most common PKI use cases.
-
Listen Now
EPISODE 99
Broadcast Date:
June 12, 202029 minutes
Podcast Jun 12, 2020Root Causes 99: AddTrust Root Expiration Explained
The recent expiration of Sectigo's AddTrust legacy root caused some systems to stop working and forced some admins to keep working over the weekend.
-
Listen Now
EPISODE 98
Broadcast Date:
June 8, 202013 minutes
Podcast Jun 08, 2020Root Causes 98: DMARC and Verified Mark Certificates for Email
A new kind of identity certificate is coming that will enable businesses to include their logos in official email.
-
Listen Now
EPISODE 97
Broadcast Date:
June 4, 202012 minutes
Podcast Jun 04, 2020Root Causes 97: Firefox to Deprecate Support for FTP
Mozilla has announced its intention to remove support for FTP from the Firefox browser.
-
Listen Now
EPISODE 96
Broadcast Date:
June 1, 202018 minutes
Podcast Jun 01, 2020Root Causes 96: Signal May Leave USA to Protect End-to-End Encryption
Congress's proposed EARN IT act has many industry observers worried about its potential effect on the integrity of encrypted communication.
-
Listen Now
EPISODE 95
Broadcast Date:
May 28, 202013 minutes
Podcast May 28, 2020Root Causes 95: Cryptographic Key Vaulting
For PKI to be secure, private keys need to remain private. In this episode we explain "vaulting" for keys or other shared secrets.
-
Listen Now
EPISODE 94
Broadcast Date:
May 26, 202024 minutes
Podcast May 26, 2020Root Causes 94: Revocation Checking Through OCSP and CRL
One essential portion of the certificate lifecycle is the ability to revoke certificates. Public SSL certificates use a pair of mechanisms to communicate this revocation status to client machines, CRL and OCSP. In this episode we explain how these mechanisms work and some of their strengths and challenges.
-
Listen Now
EPISODE 93
Broadcast Date:
May 21, 202015 minutes
Podcast May 21, 2020Root Causes 93: Videoconferencing Phishing
With the global workforce's massive shift to work-from-home, a clever new set of opportunistic social engineering attacks has sprung up to take advantage of our unfamiliarity with our new communication and collaboration applications and processes. In this episode our hosts describe these new attacks and what IT departments can do to combat them.
-
Listen Now
EPISODE 92
Broadcast Date:
May 18, 202022 minutes
Podcast May 18, 2020Root Causes 92: COVID-19 Immunity Passports
As we plan our societal return to normalcy, a number of people and groups are discussing the concept of an electronic "immunity passport" that individuals can possess if they are known to be immune to COVID-19 (possibly through vaccination or prior infection). Today our hosts discuss the requirements for such an immunity passport, some of the opportunities and challenges in putting this kind of system in place, and how existing schemes and systems may fit into an immunity passport initiative.
-
Listen Now
EPISODE 91
Broadcast Date:
May 13, 202012 minutes
Podcast May 13, 2020Root Causes 91: Rabobank Banking App Outage
"Zero Trust" is an IT security philosophy that maximizes protection from threats by tightly controlling access and permissions for every individual, device, and process in the organization's environment. Learn how digital identity and certificates play a key role in operating a secure Zero Trust strategy.
-
Listen Now
EPISODE 90
Broadcast Date:
May 11, 202024 minutes
Podcast May 11, 2020Root Causes 90: An Analysis of Distributed PKI
Advocates of distributed PKI say it will eliminate weaknesses in traditional, hierarchical PKI. In this episode we test if these claims to see hold up.
-
Listen Now
EPISODE 89
Broadcast Date:
May 7, 202020 minutes
Podcast May 07, 2020Root Causes 89: PKI's Role in Zero Trust
"Zero Trust" maximizes protection from threats by controlling permissions for every individual, device, and process in the organization's environment.