Free Post certificate revocation Demonstrating that revocation checking is pointless! I've talked a lot about revocation checking before on my blog and made various arguments against it and explained why it's not such a great idea,...
Free Post Let's Encrypt Let's Encrypt to revoke 3,048,289 certificates Yesterday it was announced that Let's Encrypt are to revoke a large number of certificates after identifying a bug in their CA software, Boulder. This blog is here...
Free Post CRLite CRLite: Finally a fix for broken revocation? I've talked a lot about revocation in recent years and the issues with the current methods for checking the revocation status of a certificate are well understood and...
Free Post Report URI Supporting other projects in the community I've relied on a lot of different projects over the years that have helped me in various different ways and recently had the opportunity to start giving something...
Free Post apple Certificate lifetime capped to 1 year from Sep 2020 It's finally happening! We've had 2 failed attempts through the CA/B Forum and now Apple has decided to enforce a maximum lifetime of 398 days...
Free Post MTA-STS Improving email security with MTA-STS There has been a huge focus on encryption on the web recently, with lots of that centred around HTTP with things like HTTPS and HSTS. Now we're taking...
Free Post legacy tls Legacy TLS is on the way out: Start deprecating TLSv1.0 and TLSv1.1 now With TLS having taken some great steps forwards in recent years, with TLSv1.2 in 2008 and TLSv1.3 in 2018, it's time to start dropping support for...
Free Post HPKP HPKP is no more! It's been an interesting ride over the last few years but HPKP, or HTTP Public Key Pinning, is finally coming to the end of its tenure. With support...
Free Post tls Big HTTPS changes coming in Chrome Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have...
Free Post crawl Top 1 Million Analysis - September 2019 Yes, it's that time of year again and the last 6+ months have flown by. Time for a look at the state of security in the Top 1...