Trust models in multi-vendor environments are particularly tricky. Learn about best practices in trusted roots for complex, global supply chain ecosystems.
Root Causes Podcast
Showing 397 to 414 of 550 podcasts
We discuss how the SunSpec Alliance uses PKI to protect clean energy infrastructure including solar and electric vehicles.
Rustls is an important emerging alternative to OpenSSL. We discuss the Rust programming language, designed with security in mind from the ground up.
We discuss the attempted poisoning of a Florida city's water supply through online security breach.
We discuss Enigma, history's most famous code system, how it was broken, and how that relates to cryptography today.
A new attack allows cloning of the Google Titan secure key. we describe this attack and its implications for Titan and other secure keys.
A proposed law would require payment for linking to news articles, with broad implications. We discuss this proposal and where things go from here.
A white hat researcher took over .cd, the Democratic Republic of the Congo's ccTLD. The implications of taking over a top-level TLD are staggering.
Google has announced distrust for Spanish public CA Camerfirma in Chrome build 90. We explain the reasons for (and implications of) this decision.
In recent years the EV SSL "green address bar" has shrunk and evenually disappeared. We walk you through how that came to be.
The Four Pillars of Certificate Automation are deploy, discover, revoke/replace, and renew, along with the umbrella capability of visibility.
Root Causes PodcastRoot Causes 142: Removing Street Address and Postal Code from Public Certificates
On March 1 Sectigo will remove street address and postal/zip code information from its public certificates of all types. Our hosts explain why.
Our hosts are joined by guest Nick France to discuss the benefits of shorter certificate lifespans for both public and private CAs.
BGP controls traffic routing on the internet. BGP attacks could help improperly obtain DV certificates. We explain these attacks and what to do about them.
Sometimes subscribers accidentally include the private key along with CSR submissions. Our hosts break down this phenomenon and its implications.
We explain the IoT Cybersecurity Improvement Act of 2020, which creates security requirements for IoT devices sold into the US government.
The SolarWinds supply chain attack i includes unusual manipulations of digital identity and certificates. We explore these aspects of the attack.
We discuss 2020's progress in the quest for quantum-safe encryption, including the algorithm candidate list, hybrid certificates, and IoT devices.