We take a deep dive into the seven reasons shorter certificate lifespans are better.
Root Causes Podcast
Affichage de 109 à 126 des podcasts 552
We discuss how a potential break of Chrome from Google would affect the WebPKI. We look at product changes, resourcing, post-quantum cryptography (PQC), innovation, moonshot initiatives, and other public CAs.
In this episode we discuss the challenges for enterprises using Microsoft Active Directory Certificate Services (ADCS).
Apple has published an updated draft to its proposal for shortening the lifespan of SSL certificates, including a final term of 47 rather than 45 days.
A new White House initiative requires that federal agencies need to create plans to thwart BGP attacks. We discuss, including RPKI and MPIC.
We talk about public key directories and complicating factors such as Tailscale, VPN, TOR, Cloudflare, and Zero Trust.
NIST has narrowed its PQC onramp contest to 15 candidates. We go over who remains and the makeup of the remaining candidates.
Repeat guest Bruno Couillard argues that cryptography is foundational to our lives and that the transition to PQC is an existential requirement.
Public open-source linters are available to help CAs assure compliance. Now some CAs blame gaps in linter coverage for their misissuance events.
Formal proofs are critical to cryptography. We discuss how better processes and AI can accelerate formal proofs of cryptographic concepts.
We explain how radically oversimplified the concept of PQC "Q day" really is.
Reports suggest Chinese researchers used a quantum annealing computer to break AES. We clarify the findings and discuss the potential implications.
News reports claim Chinese researchers broke AES with a quantum annealing computer. We clarify the details and talk about the implications of this reported discovery.
Apple recently floated a draft CABF ballot for commentary that steps down maximum term for SSL certificates to 45 days by 2027.
Deliberate delay of mandatory revocations has plagued the WebPKI in 2024. A new proposed policy from Mozilla stands to eliminate most of this behavior.
In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.
A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.
White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).