Info
Podcast by Tim Callan and Jason Soroko
Root Causes: A PKI and Security Podcast
Root Causes: A PKI and Security Podcast
20 SEP 2024 · In this episode we discuss the dual nature of a public certificate as both a file and part of a holistic service that lasts until its expiration. We discuss revocation checking, CT logging, GAAP accounting, linters, certificate tracking tools, Certificate Lifecycle Management, standards bodies, post-quantum cryptography, and subscription models.
19 SEP 2024 · The Chrome root program has changed the date for the Entrust distrust. Join us to get the details.
16 SEP 2024 · White hat researchers have raised concerns about FIDO 2 (AKA WebAuthn). We explain.
13 SEP 2024 · EUCLEAK, a newly revealed side channel vulnerability, can clone the contents of a YubiKey. We talk about the attack and its significance.
9 SEP 2024 · Though it is the closest thing to an industry-standard API, there are still products and operating systems that don't support ACME. In this episode we explore what happens to these products once 90-day SSL certificates become the requirement.
6 SEP 2024 · One seldom discussed consequence of quantum computers and PQC is the move from cryptographic homogeneity to cryptographic heterogeneity, with multiple KEMs and DSAs eventually expected as ongoing standards. We examine the consequences of this change.
3 SEP 2024 · We introduce pkimetal, an open source project from Rob Stradling that allows CA to write to many popular linters with a single integration. We explain the importance and pitfalls of linters and how pkimetal improves linter implementation.
29 AUG 2024 · An enterprise SSL subscriber recently used a Temporary Restraining Order to prevent the proper revocation of misissued certificates. We explain what happened, why it's deeply problematic, how the industry might consider responding.
27 AUG 2024 · NIST recently released PQC algorithmic standards in FIPS-203, FIPS-204, and FIPS-205 (ML-KEM, ML-DSA, and SLH-DSA). We describe what is necessary for enterprises to begin using these algorithms.
23 AUG 2024 · In this episode we detail the mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
Podcast by Tim Callan and Jason Soroko
Information
Author | Tim Callan |
Organization | Tim Callan |
Categories | Society & Culture |
Website | - |
- |
Copyright 2024 - Spreaker Inc. an iHeartMedia Company