-
Podcast Sep 13, 2024
Root Causes 420: New Side Channel Attack Against YubiKeys
EUCLEAK, a newly revealed side-channel vulnerability, can clone the contents of a YubiKey. We talk about the attack and its significance.
-
Podcast Sep 10, 2024
Root Causes 419 - What Happens to Vendors Who Don't Support ACME?
There are still products and operating systems that don't support ACME. We explore what happens to them when 90-day SSL certificates become required.
-
Podcast Sep 06, 2024
Root Causes 418: From Cryptographic Homogeneity to Heterogeneity
PQC will move us from cryptographic homogeneity to cryptographic heterogeneity, with multiple KEMs and DSAs eventually expected as ongoing standards.
-
Podcast Sep 03, 2024
Root Causes 417: Introducing pkimetal, the PKI Meta-linter
We introduce pkimetal, an open source project from Rob Stradling that allows CA to write to many popular linters with a single integration.
-
Podcast Aug 30, 2024
Root Causes 416: Subscriber Restraining Order Prevents Revocation
An enterprise SSL subscriber recently used a Temporary Restraining Order to prevent the proper revocation of misissued certificates. We explain.
-
Podcast Aug 27, 2024
Root Causes 415: What Can I Do with These New FIPS PQC Standards?
NIST recently released PQC algorithmic standards in FIPS-203, 204, and 205. We describe what is necessary for enterprises to begin using these algorithms.
-
Podcast Aug 23, 2024
Root Causes 414: What Are the Revocation Periods for Public Certs?
We detail mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
-
Podcast Aug 16, 2024
Root Causes 413: NIST Releases Standards for Three PQC Algorithms
On August 13, 2024, NIST released its first three standards for PQC algorithms, ML-KEM, ML-DSA, and SLH-DSA.
-
Podcast Aug 13, 2024
Root Causes 412: Google Throws in the Towel on Eliminating Cookies
We have in the past covered Chrome's initiatives to replace cookies. Now Chrome has announced that for the foreseeable future cookies will remain.
-
Podcast Aug 09, 2024
Root Causes 411: PQC Security Levels
Repeat guest Bas Westerbaan of Cloudflare talks through the concept of "security levels" in post-quantum cryptography.
-
Podcast Aug 06, 2024
Root Causes 410: CrowdStrike, Automatic Updates, and Walled Gardens
Microsoft blames the problem on the fact that it must, by European law, allow kernel updates to Windows. We unpack the challenges this poses.
-
Podcast Aug 02, 2024
Root Causes 409: Mozilla Distrusts Entrust
This week Mozilla chose to follow Chrome in deprecating the Entrust trusted roots. We give you the details and explain why this action matters.