-
Listen Now
EPISODE 73
Broadcast Date:
March 13, 202021 minutes
Podcast Mar 13, 2020Root Causes 73: Apple to Drop Support for Two-year SSL Certificates
Apple announced it will distrust TLS certificates issued with terms over thirteen months for its products. We discuss this change and its implications.
-
Listen Now
EPISODE 71
Broadcast Date:
March 6, 202021 minutes
Podcast Mar 06, 2020Root Causes 71: Short Lived DevOps Certificates
Repeat guest and DevOps expert David Colon joins us again to discuss identity for microservices, including the use of very short-lived TLS certificates.
-
Learn More
Prevent Revenue Loss from the New One-Year SSL Term Limit
Blog Post from Sectigo
Blog Post Feb 21, 2020Apple recently announced its upcoming distrust for two year SSL certificates.
Sectigo understands the benefits of and supports shorter certificate lifetimes. We also know that the currently imposed two-year limitation has already impacted our SSL certificate resellers by causing user friction, reducing Average Sales Prices (ASPs), and negatively affecting overall revenue. This new industry standard will further impact revenue for our partners.
-
Learn More
Apple Drops a Bomb on Long-life HTTPS Certificates...
News Article from Sectigo
News Article Feb 20, 2020Later this year, websites using long-life SSL/TLS certs issued after the cut-off point will throw up privacy errors in Apple's browser.
-
Learn More
Apple to Limit Accepted TLS Certificate Duration to One Year
Notification from Sectigo
Notification Feb 20, 2020This week Apple announced at the 49th CA/Browser Forum Face-to-Face that it will limit the term of accepted TLS certificates to 398 days as of September 1, 2020. Certificates issued on or after that date with term beyond 398 days will be distrusted in Apple products.
-
Listen Now
EPISODE 63
Broadcast Date:
January 29, 202010 minutes
Podcast Jan 29, 2020Root Causes 63: What Is CAA?
CA Authentication gives domain owners the ability to specify in DNS which CAs are allowed to issue SSL certificates for a domain. Join us to learn more.
-
Learn More
Windows CryptoAPI Spoofing Vulnerability Revealed
Notification from Sectigo
Notification Jan 17, 2020This week Microsoft disclosed the existence of a critical vulnerability in how Windows operating systems validate ECC-based x.509 certificates and released patches for affected versions that are supported.
-
Listen Now
EPISODE 59
Broadcast Date:
December 30, 201922 minutes
Podcast Dec 30, 2019Root Causes 59: What Is Certificate Transparency?
Certificate Transparency (CT) is important for SSL certificates. Learn what CT is and how it can teach us about SSL usage and help improve public trust.
-
Learn More
Sectigo to Remove Brand Information from DV Certificates
Notification from Sectigo
Notification Dec 12, 2019Sectigo recently announced that we will make a change to our issuance practices to remove “static” brand and hosting information from the OU fields of our Domain Validation (DV) certificates. These descriptors include the brand name of the certificate (e.g. “PositiveSSL”) and the name of the hosting provider (e.g. “Hosted by NAME”).
-
Listen Now
EPISODE 56
Broadcast Date:
December 9, 201923 minutes
Podcast Dec 09, 2019Root Causes 56: 2019 Lookback - Evolving Cryptography
2019 saw important changes in the world's cryptographic standards. Join our hosts as they talk about what 2020 may hold in terms of evolving cryptography.
-
Blog Post Dec 04, 2019
Five Ways PKI Protects and Secures Financial Services Data
Data has become the lifeblood of the financial services industry. From managing transaction details and providing real-time account and trading information to automating risk management processes, forecasting, and fraud detection, data is integral and the most important resource to protect.
-
Blog Post Nov 26, 2019
On Black Friday and Cyber Monday, Look Out for “Not Secure” Warnings
As millions of people visit online retailers to spend their hard-earned money this holiday, cybercriminals will be working to trick consumers into mistakenly sending that money their way, instead. A number of browsers are pioneering new ways for users to recognize that the site they are visiting might not be what it appears. Non-HTTPS pages, or pages without an EV SSL certificate validating them as trustworthy, will be flagged as potentially dangerous sites.
