The first of the five pillars of Certificate Lifecycle Management (CLM) is discovery. While many of your certificates are easily discoverable, some difficult PKI remains.
Root Causes Podcast


The UK Online Safety Act intends to force vendors who sell hardware and software to allow the government to scan end-to-end encrypted communication on end devices.
Google has taken a strong position supporting Merkle Tree Certificates (MTC) as the PQC-enabled future for SSL / TLS.
Root Causes 604: Accelerated Timeline for Quantum Computers Breaking ECC in Crypto and Blockchain
A new paper from Google Quantum AI and others documents a new technique for breaking ECC, particularly the curve protecting cryptocurrencies, smart contracts, and blockchain. This accelerates post-quantum cryptography (PQC) timelines.
Root Causes 603: Cryptographically Relevant Quantum Computing (CRQC) with Only 10,000 Qubits
New research suggests that a cryptographically relevant quantum computer is achievable with only 10,000 qubits. This was an important contributor to Google moving its PQC target to 2029.
Google has announced that it is moving its target for full PQC support to 2029. This is a strong statement from one of the most knowledgeable PQC technology companies that the existing 2030 target is too late.
Legacy PKI implementations hold back technical progress and create security risk. We discuss reasons why, consequences, and what to do about it.
In our previous episode we defined cryptography as the new geopolitics. We follow up to explain how all cryptographic decisions reflect social, political, and legal viewpoints of the cryptography's designers.
In the last decade or so, nations around the world have become keenly determined to use cryptography for their own legal, economic, and military advantage. We explore this concept.
A recent CISA report declares that the nation's OT infrastructure is incapable of keeping up with the crypto agility and certificate management needs that modern security demands. We examine this finding.
Microsoft has publicly stated that it will hand over BitLocker keys to US law enforcement agencies without requiring a subpoena or court order.
We usually think of Certificate Lifecycle Management (CLM) as a security category. But we could equally well call it an operations category that enables uptime.
We introduce the concept of a "digital parasite," explaining why this attack philosophy appears to be on the rise.
In a recent blog post Google made five recommendations for policy makers.
CISA (Cybersecurity and Infrastructure Security Agency) has released new guidance about post-quantum cryptography in critical infrastructure, including some sobering warnings.
CAA records exist to restrict issuing CAs for a given domain to as few as one CA. But what happens when the CAA record outlives the CA?
Chrome's deadline for deprecation of the clientAuth EKU and mTLS in public certificates has moved out. We give you the what, when, and why.
Root Causes 589: Is a Cryptographically Relevant Quantum Computer Economically Viable?
We recently heard the argument that it's simply too expensive to develop a cryptographically relevant quantum computer. We vehemently disagree. In this episode we explain why.