We usually think of Certificate Lifecycle Management (CLM) as a security category. But we could equally well call it an operations category that enables uptime.
Tim Callan
Chief Compliance Officer
As Chief Experience Officer, Tim Callan leads efforts to optimize the customer journey across all aspects of the business. Tim has more than 20 years of experience as a strategic marketing and product leader for successful B2B software and SaaS companies, with 15 years of experience in the SSL and PKI technology spaces.
Tim Callan has over 20 years of experience in the SSL and PKI technology spaces. Tim leads Sectigo's conformance with industry and regulatory requirements including browser root programs, WebTrust, CA/Browser Forum, and more. Tim is instrumental in driving initiatives to improve certificate agility and successful issuance. A founding member of the CA/Browser Forum and current vice-chair for one of its working groups, Tim is creator and co-host of Root Causes: A PKI and Security Podcast, the world’s most popular podcast dedicated to digital certificates. With 400+ episodes published, Tim is on the forefront of explaining trends that will be essential to the IT professionals, including shortening certificate lifespans and the coming change to post-quantum cryptography.
Recent posts by Tim Callan
We introduce the concept of a "digital parasite," explaining why this attack philosophy appears to be on the rise.
In a recent blog post Google made five recommendations for policy makers.
CISA (Cybersecurity and Infrastructure Security Agency) has released new guidance about post-quantum cryptography in critical infrastructure, including some sobering warnings.
CAA records exist to restrict issuing CAs for a given domain to as few as one CA. But what happens when the CAA record outlives the CA?
Chrome's deadline for deprecation of the clientAuth EKU and mTLS in public certificates has moved out. We give you the what, when, and why.
Root Causes PodcastRoot Causes 589: Is a Cryptographically Relevant Quantum Computer Economically Viable?
We recently heard the argument that it's simply too expensive to develop a cryptographically relevant quantum computer. We vehemently disagree. In this episode we explain why.
The transition to PQC is not just a change in cryptographic algorithms but also a fundamental shift in how we treat our cryptography. From here on out, IT systems need to be fundamentally crypto agile as never before.
It would be easy to believe that the amount of risk posed to the WebPKI by any individual public CA is somehow proportional to the number of active certificates that CA has. This is false, however. In this episode we address this misconception.