-
Listen Now
EPISODE 486
Broadcast Date:
April 14, 202511 minutes
Podcast Apr 14, 2025Root Causes 486: 47-day Maximum Term Ballot Passes CABF
Apple's ballot to step the maximum term for public SSL certificates down to 47 days has passed in the CA/Browser Forum.
-
Listen Now
EPISODE 485
Broadcast Date:
April 12, 202520 minutes
Podcast Apr 12, 2025Root Causes 485: What Is Open MPIC?
Guest Dmitry Sharkov joins us to describe Open MPIC, the open-source project to help public CAs support MPIC.
-
Listen Now
EPISODE 484
Broadcast Date:
April 9, 202514 minutes
Podcast Apr 09, 2025Root Causes 484: Multi Good Factor Authentication
We define multi good factor authentication, which is the idea that not all authentication factors are equal. We discuss the importance of considering authentication strength and the contextual nature of trust.
-
Listen Now
EPISODE 483
Broadcast Date:
April 7, 202523 minutes
Podcast Apr 07, 2025Root Causes 483: Introducing the PQC Sandbox
We are joined by repeat guest Bruno Coulliard of Crypto4A to introduce Sectigo's new post quantum cryptography (PQC) sandbox. The PQC sandbox allows you to get quantum resistant certificates in your hands to understand how they work with your systems.
-
Listen Now
EPISODE 482
Broadcast Date:
April 2, 202515 minutes
Podcast Apr 02, 2025Root Causes 482: Microsoft and PQC
In this episode we explore the potential PQC future for Microsoft Active Directory Certificate Services, aka MSCA. We discuss potential paths for Microsoft to take and their consequences.
-
Listen Now
EPISODE 481
Broadcast Date:
March 31, 202512 minutes
Podcast Mar 31, 2025Root Causes 481: What Is Protocol Ossification?
Protocol ossification is the phenomenon whereby ecosystems fail to work correctly with the full range of options included in a protocol. This occurs when individual software components only partially support the capabilities that should be available. We define protocol ossification, explain how and why it occurs, give real world examples, and talk about potential remedies.
-
Listen Now
EPISODE 473
Broadcast Date:
March 28, 202510 minutes
Podcast Mar 28, 2025Root Causes 473: Does Security Software Lack Creativity?
Jason reports on a 2024 Black Hat keynote about how modern software development practices inhibit innovation and invention.
-
Listen Now
EPISODE 480
Broadcast Date:
March 24, 202510 minutes
Podcast Mar 24, 2025Root Causes 480: White House PQC Executive Order
Many people believe that the Trump White House rescinded an important cybersecurity executive order from late days of the Biden administration. We set the record straight.
-
Listen Now
EPISODE 479
Broadcast Date:
March 21, 202513 minutes
Podcast Mar 21, 2025Root Causes 479: AI Adversarial Machine Learning
In this episode we discuss the thinking on how adversaries can exploit the flaws in AI models to achieve unexpected and dangerous results. We explore some potential paths of defense against attacks of this sort.
-
Listen Now
EPISODE 478
Broadcast Date:
March 17, 202516 minutes
Podcast Mar 17, 2025Root Causes 478: Should We All Switch from RSA to ECC?
RSA is under attack. Even without the quantum threat, we face the possibility of smart new exploits reducing the viable RSA key space and rendering it unsafe. In this episode we discuss the merits of choosing ECC over RSA as soon as today.
-
Listen Now
EPISODE 477
Broadcast Date:
March 13, 202518 minutes
Podcast Mar 13, 2025Root Causes 477: Comparative Security Philosophies
We discuss how various popular computing platforms approach security and highlight the differences between them.
-
Listen Now
EPISODE 476
Broadcast Date:
March 10, 202517 minutes
Podcast Mar 10, 2025Root Causes 476: The Need for Security KPIs
Jason recounts a 2024 Black Hat talk about the need for objective measurements of our IT defenses and whether the good guys or bad guys are winning. Jason breaks down how to define and measure the impact of security measures.