Free Post CRLite CRLite: Finally a fix for broken revocation? I've talked a lot about revocation in recent years and the issues with the current methods for checking the revocation status of a certificate are well understood and...
Free Post Report URI Supporting other projects in the community I've relied on a lot of different projects over the years that have helped me in various different ways and recently had the opportunity to start giving something...
Free Post apple Certificate lifetime capped to 1 year from Sep 2020 It's finally happening! We've had 2 failed attempts through the CA/B Forum and now Apple has decided to enforce a maximum lifetime of 398 days...
Free Post MTA-STS Improving email security with MTA-STS There has been a huge focus on encryption on the web recently, with lots of that centred around HTTP with things like HTTPS and HSTS. Now we're taking...
Free Post legacy tls Legacy TLS is on the way out: Start deprecating TLSv1.0 and TLSv1.1 now With TLS having taken some great steps forwards in recent years, with TLSv1.2 in 2008 and TLSv1.3 in 2018, it's time to start dropping support for...
Free Post HPKP HPKP is no more! It's been an interesting ride over the last few years but HPKP, or HTTP Public Key Pinning, is finally coming to the end of its tenure. With support...
Free Post tls Big HTTPS changes coming in Chrome Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have...
Free Post crawl Top 1 Million Analysis - September 2019 Yes, it's that time of year again and the last 6+ months have flown by. Time for a look at the state of security in the Top 1...
Free Post CSP CSP nonces the easy way with Cloudflare Workers Everybody knows I'm a rather large fan of CSP and an even bigger fan of CSP reporting, but CSP can be hard. Part of my personal mission has...
Free Post EV Extended Validation not so... extended? How I revoked $1,000,000 worth of EV certificates! Personal like or dislike of EV aside for a moment, we can all agree on what the name of EV certs implies. Organisations get their company details in the certificate...