-
Listen Now
EPISODE 145
Broadcast Date:
January 29, 202111 minutes
Podcast Jan 29, 2021Root Causes 145: Google Chrome to Distrust CA Camerfirma
Google has announced distrust for Spanish public CA Camerfirma in Chrome build 90. We explain the reasons for (and implications of) this decision.
-
Listen Now
EPISODE 144
Broadcast Date:
January 26, 202113 minutes
Podcast Jan 26, 2021Root Causes 144: Whatever Happened to the Green Address Bar?
In recent years the EV SSL "green address bar" has shrunk and evenually disappeared. We walk you through how that came to be.
-
Listen Now
EPISODE 143
Broadcast Date:
January 21, 202128 minutes
Podcast Jan 21, 2021Root Causes 143: The Four Pillars of Certificate Automation
The Four Pillars of Certificate Automation are deploy, discover, revoke/replace, and renew, along with the umbrella capability of visibility.
-
Listen Now
EPISODE 142
Broadcast Date:
January 18, 202112 minutes
Podcast Jan 18, 2021Root Causes 142: Removing Street and Postal Code from Public Certs
On March 1 Sectigo will remove street address and postal/zip code information from its public certificates of all types. Our hosts explain why.
-
Listen Now
EPISODE 141
Broadcast Date:
January 11, 202119 minutes
Podcast Jan 11, 2021Root Causes 141: The Case for Shorter Certificate Lifespans
Our hosts are joined by guest Nick France to discuss the benefits of shorter certificate lifespans for both public and private CAs.
-
Listen Now
EPISODE 140
Broadcast Date:
January 7, 202120 minutes
Podcast Jan 07, 2021Root Causes 140: SSL Attacks Using BGP (Border Gateway Protocol)
BGP controls traffic routing on the internet. BGP attacks could help improperly obtain DV certificates. We explain these attacks and what to do about them.
-
Listen Now
EPISODE 139
Broadcast Date:
January 4, 202110 minutes
Podcast Jan 04, 2021Root Causes 139: Exposed Private Keys in CSR Submissions
Sometimes subscribers accidentally include the private key along with CSR submissions. Our hosts break down this phenomenon and its implications.
-
Listen Now
EPISODE 138
Broadcast Date:
December 29, 202014 minutes
Podcast Dec 29, 2020Root Causes 138: IoT Cybersecurity Improvement Act of 2020
We explain the IoT Cybersecurity Improvement Act of 2020, which creates security requirements for IoT devices sold into the US government.
-
Listen Now
EPISODE 137
Broadcast Date:
December 21, 202031 minutes
Podcast Dec 21, 2020Root Causes 137: SolarWinds Supply Chain Attack and Digital Identity
The SolarWinds supply chain attack i includes unusual manipulations of digital identity and certificates. We explore these aspects of the attack.
-
Listen Now
EPISODE 136
Broadcast Date:
December 17, 202014 minutes
Podcast Dec 17, 2020Root Causes 136: 2020 Lookback - Quantum Safe Certificates
We discuss 2020's progress in the quest for quantum-safe encryption, including the algorithm candidate list, hybrid certificates, and IoT devices.
-
Listen Now
EPISODE 135
Broadcast Date:
December 14, 202025 minutes
Podcast Dec 14, 2020Root Causes 135: The Heartbleed Vulnerability
2014's Heartbleed vulnerability made it possible to steal private keys directly from web servers, requiring certificate replacement by the millions.
-
Listen Now
EPISODE 134
Broadcast Date:
December 10, 202024 minutes
Podcast Dec 10, 2020Root Causes 134: 2020 Lookback - SASE and Zero Trust Architecture
2020 was a big year for SASE (Secure Access Service Edge). We define SASE, ZTNA (Zero Trust Network Architecture), and SDP (Software Defined Perimeter).