Are EV certificates worth the paper they're written on?

We're seeing a huge push towards encryption on the web right now and as a part of that push the topic of certificates comes up with some frequency. EV certificates, or Extended Validation certificates, seem to be quite polarising with either a love them or hate them response. I'm going…

Continue Reading

Adding security headers to Prism JS

I recently came across the Prism JS syntax highlighting library whilst looking at a few options to spruce up my blog. I was very disappointed, though not at all surprised, that they didn't have support for my favourite security headers, so I added it. Prism JS The Prism JS library…

Continue Reading

The death knell for HPKP?

HTTP Public Key Pinning, or HPKP, has sure had an interesting journey as a standard but today marks what will probably be the final blow for the dying mechanism. Chrome has announced their plans to deprecate and remove support for HPKP as soon as 29th May 2018. What is HPKP?…

Continue Reading