Security Terminology

The CA/Browser Forum guidelines contain many prescribed requirements with the word SHOULD or MUST. We explain how these two words are used.

The topic of short-lived 90-day certificates is a major one for the cybersecurity industry.

A large, public criminal marketplace for stolen logins and other information was rolled up by law enforcement across seventeen countries.

The Root Causes podcast has received a Webby Honoree award. Jason and Tim briefly celebrate and discuss operating a niche, homemade podcast.

This important part of the ACME standard that makes it easier for many IT administrators to use ACME to automate provisioning of SSL / TLS certificates.

With 90-day maximum term for SSL / TLS certificates, what will happen to thethe validation data reuse period? We investigate.

January 4, 2019. This was the date of the inaugural episode of Root Causes – the first ever podcast dedicated to the changing and critically important world of PKI and digital certificates. Since its inception, Root Causes has fostered stimulating, timely conversation and commentary around major trends impacting the cybersecurity industry.

This week, on April 4, 2023, Root Causes received its first, major award, as a ‘Webby Honoree’ at the 2023 Webby Awards. To say that this is thrilling is an understatement. Since 2019, Jason and I have singlehandedly recorded and produced nearly 300 episodes of Root Causes, and it goes without saying we are honoured to receive this accolade.

In the first ever episode of Root Causes, Jason and I laid our mission for the podcast. We would “nerd out” together on various deep topics about security, digital identity, encryption, and the like. We decided it might be valuable to capture our discussions for posterity. There are many interesting topics that result from the resurgence of PKI. The concept of establishing a strong sense of public and private trust has never been more important for enterprises than it is now. Additionally, the world of PKI is a big place - there are a LOT of non-obvious concepts that can benefit from discussion. Root Causes is our way of capturing these ideas and exploring ways in which organizations can establish digital trust with PKI and digital certificates.

Since 2019, Root Causes has grown steadily. In August 2020, we celebrated our one hundredth episode. Less than a year later, in April 2021, we celebrated 40,000 listens of our podcast. By September 2021, this number had reached 50,000 and by November 2022, we’d reached 150,000 listens. This month we expect to hit a quarter million listens.

Jason and I view this growing audience as validation that our industry it important to a large number of IT professionals. We feel privileged that our podcast can be a meaningful contributor to discussion of this industry.

For those of you that may be unaware, The Webby Awards are major. Earning the distinction of Webby Honoree, as recognized by the International Academy of Digital Arts & Sciences is a significant achievement—granted to only the top 20% of all work entered in the 27th Annual Webby Awards. Looking at those also in our category of “Technology Podcasts,” Root Causes is keeping some impressive company alongside podcasts produced by major technology media outlets such as TechCrunch and The Verge, along with Mozilla’s own podcast. Of course, we wish those nominated for the Webby People’s Voice the very best of luck.

We also want to thank our listeners. Root Causes is for you, so thank you for listening. Finally, for those of you uninitiated to Root Causes, here are some recommendations to get you started.

Episode 1 – The Intro - Meet your hosts Tim Callan and Jason Soroko and learn why we decided to start the Root Causes podcast.

Episode 235 – The Listener’s Favorite - Our most downloaded episode of the past year explores lattice-based encryption, the algorithmic foundation of new post-quantum cryptography (PQC) standards.

Episode 284 – The Trending Topic - Learn about Google's plan to reduce maximum TLS validity to 90 days.

Thanks for joining us on Root Causes. Most weeks we post two episodes, so we hope you join us again soon.

We discuss how Certificate Lifecycle Management (CLM) interacts with Security Incident and Event Management (SIEM).

We define Qualified Government Information Source (QGIS) and Qualified Independent Information Source (QIIS).

Join our webinar to hear about the implications of Google's plans to reduce TLS certificate validity from 398 to a maximum of only 90 days.

Digital Certificate lifespans are shortening. For CISOs this represents a major change in the way they will establish digital trust in the future.

We define the cryptographic center of excellence, how such a center of excellence would work, and the benefits it brings to an enterprise.