A new extension to the ACME certificate protocol will help automate renewals. In this episode we explain ACME Renewal Information (ARI).
The CAN bus wires in a modern automobile can allow a thief to steal the vehicle. We explain how PKI can defeat this attack.
SquareSpace recently acquired Google's domain registry business. We discuss what this move says about large technology trends.
The SEC has sent "Wells notices" to two senior executives from SolarWinds, with regard to the 2019 to 2020 supply chain attack.
We discuss a variety of real-world crimes in which deepfakes have played a role.
We explain the allowed public SSL revocation reason codes, along with some explicitly forbidden reason codes and the backstory behind them.
Don't roll your own crypto. We describe the findings from 2021 research that investigating the root causes of problems in cryptographic systems.
We describe CCADB, the Common CA Database. We explain the role of CCADB in the WebPKI and how this role is evolving.
In this episode we continue to explore the capabilities of AI to replicate known people in deep fakes with AI-generated content.
New rules require delivery of code signing certificates by secure HSM. We describe the key attestation method of delivery.
For the second time in under twelve months, a major browser is deprecating a CA's public trust. This time it's E-Tugra.
In this episode we describe how tools from operational technology red team exercises are being repurposed for malware attacks.