-
Podcast Feb 02, 2024
Root Causes 359: 90-day SSL Won't Affect Organization Validation
With 90-day maximum term is coming for SSL certificates, we explain why we do not expect a reduction in the reuse period for organization validation.
-
Podcast Jan 30, 2024
Root Causes 358: Security Questionnaire Sins
We present a catalog of "security questionnaire sins," avoidable problems and errors that occur in the security questionnaires enterprises send to vendors.
-
Podcast Jan 26, 2024
Root Causes 357: Signed Digital Photographs
Three major camera manufacturers have joined to create a standard for signed digital images from their cameras.
-
Podcast Jan 23, 2024
Root Causes 356: Will MPDV Eliminate Email-based DCV?
MPDV is a necessary evolution of DCV to protect against BGP attacks. Will MPDV may affect accepted DCV methods, especially the email method?
-
Podcast Jan 19, 2024
Root Causes 355: Should Managed PKI Do Whatever the Customer Wants?
Should a managed PKI provider should give complete control over PKI decisions to the end customer or enforce minimum standards no matter what?
-
Podcast Jan 16, 2024
Root Causes 354: CyberSlash Attack Against CRYSTALS-Kyber
A new attack against implementations of CRYSTALS-Kyber illustrates how cryptographic implementations can be vulnerable even as the cyphers remain sound.
-
Podcast Jan 10, 2024
Root Causes 353: Why Isn't PKI Everywhere?
Our hosts firmly believe that PKI is a necessary component of all digital interactions. And yet there are still gaps in PKI implementation.
-
Podcast Jan 04, 2024
Root Causes 352: FBI Vs. End-to-end Encryption in Meta Apps
Meta is finally rolling out end-to-end encryption across its messaging apps. This is the latest chapter in the long story of government versus encryption.
-
Podcast Dec 27, 2023
Root Causes 351: 2024 Predictions
We look forward to 2024 and predict trends for PKI, certificates, and digital identity.
-
Podcast Dec 21, 2023
Root Causes 350: Public Certificates & the GDPR Right to Be Forgotten
GDPR provides a "right to be forgotten," whereby individuals can demand the removal of PII from IT systems. This can run contrary to public PKI systems.
-
Podcast Dec 18, 2023
Root Causes 349: 2023 Lookback - Overall Trends
We look back at PKI in 2023. Trends include AI, enterprise crypto agility, OCSP's fall, PKI everywhere, weak passwords, and government vs. the internet.
-
Podcast Dec 15, 2023
Root Causes 348: What Is a Merkle Tree?
One foundational element of modern cryptographic systems is the Merkle tree. We explain this data structure, its properties, and its use cases.