-
Podcast Nov 12, 2024
Root Causes 438: PQC Is an Existential Requirement
Repeat guest Bruno Couillard argues that cryptography is foundational to our lives and that the transition to PQC is an existential requirement.
-
Podcast Nov 05, 2024
Root Causes 437: Don't Blame the Linter
Public open-source linters are available to help CAs assure compliance. Now some CAs blame gaps in linter coverage for their misissuance events.
-
Podcast Oct 29, 2024
Root Causes 436: Formal Proofs
Formal proofs are critical to cryptography. We discuss how better processes and AI can accelerate formal proofs of cryptographic concepts.
-
Podcast Oct 22, 2024
Root Causes 434: Did Researchers Break AES Using Quantum Annealing?
Reports suggest Chinese researchers used a quantum annealing computer to break AES. We clarify the findings and discuss the potential implications.
-
Podcast Oct 17, 2024
Root Causes 433: Will AI Eat All the Electricity?
News reports claim Chinese researchers broke AES with a quantum annealing computer. We clarify the details and talk about the implications of this reported discovery.
-
Podcast Oct 14, 2024
Root Causes 432: Apple Floats New Short-lived Certificate Proposal
Apple recently floated a draft CABF ballot for commentary that steps down maximum term for SSL certificates to 45 days by 2027.
-
Podcast Oct 11, 2024
Root Causes 431: New Mozilla Proposal to Combat Delayed Revocation
Deliberate delay of mandatory revocations has plagued the WebPKI in 2024. A new proposed policy from Mozilla stands to eliminate most of this behavior.
-
Podcast Oct 09, 2024
Root Causes 430: How Does a TLS Handshake Work?
In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.
-
Podcast Oct 08, 2024
Root Causes 429: ServiceNow Outage Due to Expired Root Certificate
A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.
-
Podcast Oct 04, 2024
Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers control .mobi WHOIS, signaling the decline of WHOIS as a reliable source for Domain Control Validation (DCV) emails.
-
Podcast Oct 02, 2024
Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.
-
Podcast Sep 30, 2024
Root Causes 426: Expired Certificate Takes Down Bank of England
A certificate expiration is now known to have created July's outage of Bank of England. Join us as we shake our heads in amazement yet again.