We share our PKI predictions for 2026. Topics include PQC, eIDAS 2, CT logging, ACME, passkeys, CA distrust, AI model poisoning, and new attack vectors.
Jason Soroko
Fellow
Jason has 20 years of experience researching, innovating, educating markets, developing intellectual property, and contributing to national-level guidance and consortium standards. He works closely with enterprise companies daily to synthesize managed PKI security solutions that meet real-world operational needs.
Jason Soroko is a seasoned security technology innovator and Senior Fellow at Sectigo, where he leads customer-facing engagements, drives research, and spearheads strategic initiatives at both organizational and national levels. He also contributes to the development of intellectual property and consortium standards. As co-host of the award-winning “Root Causes” podcast, Jason educates professionals on the latest trends in PKI and cybersecurity twice a week. His core strength is bridging cutting-edge security methods with real-world operational needs, ensuring that businesses are equipped with practical, forward-thinking solutions.
Recent posts by Jason Soroko
Jason explores the role cryptography and trust systems play in the command and control of groups of autonomous drone systems.
Certificate maximum term is shrinking. In this episode we examine exactly how short they could get.
In our ongoing series on AI in 1000 days, we describe the inevitable, complete distrust of voice printing as an authentication method, including why and what we think will happen.
We begin a new series about what we expect from AI in the next three years. In this episode we discuss AI emulating emotional intelligence and its benefits.
In this episode we discuss the value for enterprises in running mass revocation drills and compare the merits of tabletop exercises versus voluntary revocation events.
As AI models move from the cloud to edge devices, the risk of tampering grows. Unsigned language models can be manipulated, threatening integrity and trust. It’s time to apply code-signing principles to AI models because the machines are thinking, and we need to start signing them.
We are joined by guests Pol Holzmer and Johannes Sedlmeir to describe their recent research that documents and organizes public arguments made about QWAC certificates. You can find this research at orbilu.uni.lu/handle/10993/66334.
Chain of lure is an attack method used to circumvent restrictions and boundaries placed on AIs. Jason explains this attack and its implications.