Root Causes Podcast

In this episode we discuss the challenges for enterprises using Microsoft Active Directory Certificate Services (ADCS).

Root Causes 442: Apple Proposal to Reduce SSL Lifespan Updated

November 25, 202422 min

Apple has published an updated draft to its proposal for shortening the lifespan of SSL certificates, including a final term of 47 rather than 45 days.

Root Causes 441: New White House Initiative Targets BGP

November 22, 202415 min

A new White House initiative requires that federal agencies need to create plans to thwart BGP attacks. We discuss, including RPKI and MPIC.

Root Causes 440: Public Key Directories

November 18, 202413 min

We talk about public key directories and complicating factors such as Tailscale, VPN, TOR, Cloudflare, and Zero Trust.

Root Causes 439: PQC Onramp Narrowed Down to 15 Candidates

November 15, 202417 min

NIST has narrowed its PQC onramp contest to 15 candidates. We go over who remains and the makeup of the remaining candidates.

Root Causes 438: PQC Is an Existential Requirement

November 12, 202428 min

Repeat guest Bruno Couillard argues that cryptography is foundational to our lives and that the transition to PQC is an existential requirement.

Root Causes 437: Don't Blame the Linter

November 5, 202411 min

Public open-source linters are available to help CAs assure compliance. Now some CAs blame gaps in linter coverage for their misissuance events.

Root Causes 436: Formal Proofs

October 29, 202410 min

Formal proofs are critical to cryptography. We discuss how better processes and AI can accelerate formal proofs of cryptographic concepts.

Root Causes 435: The PQC "Q Day" Is Not That Simple

October 25, 202419 min

We explain how radically oversimplified the concept of PQC "Q day" really is.

Root Causes 434: Did Researchers Break AES Using Quantum Annealing?

October 22, 202412 min

Reports suggest Chinese researchers used a quantum annealing computer to break AES. We clarify the findings and discuss the potential implications.

Root Causes 433: Will AI Eat All the Electricity?

October 17, 202410 min

News reports claim Chinese researchers broke AES with a quantum annealing computer. We clarify the details and talk about the implications of this reported discovery.

Root Causes 432: Apple Floats New Short-lived Certificate Proposal

October 14, 202426 min

Apple recently floated a draft CABF ballot for commentary that steps down maximum term for SSL certificates to 45 days by 2027.

Root Causes 431: New Mozilla Proposal to Combat Delayed Revocation

October 11, 202428 min

Deliberate delay of mandatory revocations has plagued the WebPKI in 2024. A new proposed policy from Mozilla stands to eliminate most of this behavior.

Root Causes 430: How Does a TLS Handshake Work?

October 9, 202414 min

In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.

Root Causes 429: ServiceNow Outage Due to Expired Root Certificate

October 8, 20247 min

A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.

Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question

October 4, 202417 min

White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).