Featured Contributor
Jason Soroko
Fellow at Sectigo
Jason has 20 years of experience researching, innovating, educating markets, developing intellectual property, and contributing to national-level guidance and consortium standards. He works closely with enterprise companies daily to synthesize managed PKI security solutions that meet real-world operational needs.
Jason Soroko is an experienced security technology innovator, responsible for the product team that drives innovation at Sectigo. He is responsible for interfacing with customers, researching, innovating, educating, and contributing to strategy, national-level guidance, intellectual property development, and consortium standards. Solving real business problems by synthesizing state-of-the-art security with real-world operational needs is what Jason does best.
Recent Posts from Jason Soroko
-
Webinars Upcoming
How mature is your Certificate Lifecycle Management?
The surge in certificate usage has reached unprecedented levels, with industry standards for certificate lifespans progressively shrinking.
-
Podcasts Sep 13, 2024
Root Causes 420: New Side Channel Attack Against YubiKeys
EUCLEAK, a newly revealed side-channel vulnerability, can clone the contents of a YubiKey. We talk about the attack and its significance.
-
Podcasts Sep 10, 2024
Root Causes 419 - What Happens to Vendors Who Don't Support ACME?
There are still products and operating systems that don't support ACME. We explore what happens to them when 90-day SSL certificates become required.
-
Podcasts Sep 06, 2024
Root Causes 418: From Cryptographic Homogeneity to Heterogeneity
PQC will move us from cryptographic homogeneity to cryptographic heterogeneity, with multiple KEMs and DSAs eventually expected as ongoing standards.
-
Podcasts Sep 03, 2024
Root Causes 417: Introducing pkimetal, the PKI Meta-linter
We introduce pkimetal, an open source project from Rob Stradling that allows CA to write to many popular linters with a single integration.
-
Podcasts Aug 30, 2024
Root Causes 416: Subscriber Restraining Order Prevents Revocation
An enterprise SSL subscriber recently used a Temporary Restraining Order to prevent the proper revocation of misissued certificates. We explain.
-
Podcasts Aug 27, 2024
Root Causes 415: What Can I Do with These New FIPS PQC Standards?
NIST recently released PQC algorithmic standards in FIPS-203, 204, and 205. We describe what is necessary for enterprises to begin using these algorithms.
-
Podcasts Aug 23, 2024
Root Causes 414: What Are the Revocation Periods for Public Certs?
We detail mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
-
Podcasts Aug 16, 2024
Root Causes 413: NIST Releases Standards for Three PQC Algorithms
On August 13, 2024, NIST released its first three standards for PQC algorithms, ML-KEM, ML-DSA, and SLH-DSA.