Free Post certificate revocation Déjà vu - macOS hits OCSP hurdles Regular readers will have seen me talk about OCSP many times before and some of those times are going back quite a number of years. That's why it...
Free Post certificate revocation Demonstrating that revocation checking is pointless! I've talked a lot about revocation checking before on my blog and made various arguments against it and explained why it's not such a great idea,...
Free Post Let's Encrypt Let's Encrypt to revoke 3,048,289 certificates Yesterday it was announced that Let's Encrypt are to revoke a large number of certificates after identifying a bug in their CA software, Boulder. This blog is here...
Free Post CRLite CRLite: Finally a fix for broken revocation? I've talked a lot about revocation in recent years and the issues with the current methods for checking the revocation status of a certificate are well understood and...
Free Post EV When your CA turns against you For those that read my blog often you may have seen me talk about EV certificates before. From a technical perspective there are many things that I don't...
Free Post HTTPS Why we need to do more to reduce certificate lifetimes In the early days of the encrypted web you could get certificates valid for any period of time. Long gone are those days and as more time goes by we...
Free Post Let's Encrypt How to revoke a Let's Encrypt certificate I've written quite a few blogs on how to get started with Let's Encrypt and covered both RSA and ECDSA certificates. In this blog I'...
Free Post certificate revocation Enabling Certificate Revocation Checks in Google Chrome Following on from the announcement of Heartbleed, it's fair to assume that there will be a huge amount of certificate revocations both in progress and in the days and weeks to come. With an increased number of revocations, there's the...
Follow