We have seen much talk of the upcoming drop of maximum TLS term to 200 days, followed by 100 days, and eventually down to 47 days. It happens that all those numbers are too large and the actual maxima will be less than that. We explain.
Root Causes Podcast
Showing 1 to 18 of 575 podcasts
March 2026 is due to be the most eventful month in the history of the WebPKI. Join us as we go over all the many changes coming next month.
A large investment firm divests from Bitcoin for fear of the quantum threat.
Everybody knows about March 15 and the drop in maximum public TLS certificate term to 200 days. But that only scratches the surface on key dates with this maximum term reduction. Join us as we go over "all the dates" for TLS maximum term reduction.
We score our 2025 predictions in this second of two parts.
Every new year we make predictions for the year to come, and every year we go back and see how we did. This is the first of two parts scoring our 2025 predictions.
We discuss the idea that not all cryptographic entropy is equally "random" and potential consequences.
Root Causes PodcastRoot Causes 571: Will There Ever Be a Cryptographically Relevant Quantum Computer?
We discuss the idea that it might be impossible to actually create a cryptographically relevant quantum computer and weigh in on this idea.
Repeat guest Chris McGrath shares what enterprises need to be doing now to stay on track for the NIST PQC deadline in 2030.
Repeat guest Chris McGrath joins us to discuss how increasingly strict regulations are requiring increased rigor, visibility, and auditability for enterprise digital certificates and PKI.
Senior cyber security advisor Chris McGrath joins us to discuss redefining digital certificates and their role in your organizational security profile, increasing regulation of certificates, and how enterprises can up their certificate game.
We name the ten enterprise environments and use cases that are most likely to be late adopters of post quantum cryptography (PQC).
We discuss the foundational importance of time in PKI and security in general. This includes when things happen, the order in which things happen, and attacks based on time-spoofing. We drill down on certificates, roots, timestamping, Certificate Transparency, patching, audits, and PQC.
In our concluding episode on the topic, we scrutinize arguments make for and against QWACs, this time focused on "compliance and interoperability."
In our second of three episodes on the topic, we scrutinize arguments make for and against QWACs, this time focused on "governance and sovereignty."
As a follow up to our episode 546, we break down the first of three sets of arguments about QWACs and examine their level of validity.
You may have heard of side channel attacks. Now Jason explains what a side oracle attack is and how a side oracle attack in conjunction with AI could be effective against the HQC or Falcon PQC algorithms.
One of the NIST Round 3 PQC finalists that was never selected or eliminated is Classic McEliece. In this episode we explain in non-math terms how this algorithm works.