-
Podcast Oct 14, 2024
Root Causes 432: Apple Floats New Short-lived Certificate Proposal
Apple recently floated a draft CABF ballot for commentary that steps down maximum term for SSL certificates to 45 days by 2027.
-
Podcast Oct 11, 2024
Root Causes 431: New Mozilla Proposal to Combat Delayed Revocation
Deliberate delay of mandatory revocations has plagued the WebPKI in 2024. A new proposed policy from Mozilla stands to eliminate most of this behavior.
-
Podcast Oct 09, 2024
Root Causes 430: How Does a TLS Handshake Work?
In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.
-
Podcast Oct 08, 2024
Root Causes 429: ServiceNow Outage Due to Expired Root Certificate
A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.
-
Podcast Oct 04, 2024
Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers control .mobi WHOIS, signaling the decline of WHOIS as a reliable source for Domain Control Validation (DCV) emails.
-
Podcast Oct 02, 2024
Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.
-
Podcast Sep 30, 2024
Root Causes 426: Expired Certificate Takes Down Bank of England
A certificate expiration is now known to have created July's outage of Bank of England. Join us as we shake our heads in amazement yet again.
-
Podcast Sep 27, 2024
Root Causes 425: PQC Requirements for Voting Systems
In honor of the upcoming US elections, we describe the six main requirements for a post-quantum voting system.
-
Podcast Sep 25, 2024
Root Causes 424: Using LoRA IoT Protocol for Clandestine Communication
In this episode we describe the LoRA protocol, which allows IoT devices to communicate securely without using a cellular network.
-
Podcast Sep 20, 2024
Root Causes 423: Is a Certificate Software or a Service?
In this episode we discuss the dual nature of a public certificate as both a file and part of a holistic service that lasts until its expiration.
-
Podcast Sep 19, 2024
Root Causes 422: New Date for Entrust Distrust
With a few easy tweaks, you can get your track to listeners most likely to love it. Learn more about how to modify your track to make it eligible.
-
Podcast Sep 16, 2024
Root Causes 421: FIDO 2 Implementation Problems
White hat researchers have raised concerns about FIDO 2 (AKA WebAuthn). We explain.