Three major changes are coming to the world of public certificates, all of which require major changes in how organizations deploy, renew, and manage their certificates. These are 47-day SSL, PQC, and the deprecation of mTLS. We describe the overlap…
Root Causes Podcast
Mostrando 55 a 72 di 575 podcasts
MPIC (Multi-perspective Issuance Corroboration) is soon to move into enforcement phase. In this episode we describe three configuration decisions that can force Domain Control Validation (DCV) to fail and tell you what to do about them before you…
We complete our description and commentary on the results of Sectigo's survey of enterprise preparedness for Post Quantum Cryptography (PQC).
We're back discussing the results of Sectigo's 2025 State of Crypto Agility report. We explore the second half of the report on post quantum cryptography (PQC) including enterprise awareness of PQC, the most influential drivers for PQC migration,…
Sectigo released its 2025 State of Crypto Agility report which explores enterprise readiness and preparation for 47-day maximum SSL/TLS certificate term.
AI is not the elephant in the room. It is the room itself. Jason explains what he means by that.
Britain's National Cyber Security Centre recently issued a lukewarm verdict on passkeys as an authentication solution. We explore the problems with WebAuthn, including account recovery, spotty availability, inconsistent implementation, and lack of…
Jason walks us through an important recent paper from Google tracking the cost of quantum factoring.
Microsoft has finally announced that it will offer an update to Active Directory Certificate Services (ADCS, formerly MSCA) to support post quantum cryptography. We discuss Microsoft's checkered support for ADCS and offer some questions users should be asking.
Jason coins the term "entropy-aware governance" to describe the idea of using the degree of entropy it contains to measure the strength of any given secret. This could be an objective, consistent metric that could be applied to standard practices and…
Tim describes how the addition of an item to the CABF face-to-face meeting agenda blew up into a panicked and outraged online thread. We discuss what a more functional response would have looked like.
We continue our discussion of CPS misalignment by discussing the reasons for revocation as a remedy, its disadvantages, and the possibility of another solution that provides the same benefits at less cost.
We examine the circumstance where otherwise allowed practices are out of alignment with the stated practices in the relevant CPS. We discuss CA transparency and accountability, increased scrutiny of the CPS, and mass revocation.
We follow up on our discussion of the Get off My Lawn (GoTM) browser with Jason's adventure in creating his own custom root store.
We define CPS (Certificate Practices Statement) and explain the role it plays in both the WebPKI and private CAs.
"Code vibing" is using generative AI to create or improve working code. We share Jason's adventure using code vibing to create his own web browser.
The first CA distrust event of 2025 comes with two simultaneous CA distrusts. We give you the details.
For the first time ever, Jason and I record an episode from the floor of the CA/Browser Forum face-to-face meeting. We recap the themes of this meeting, and Jason gives his first impressions of a CABF Face-to-face.