Free Post PCI DSS PCI DSS 4.0; Certificate Transparency Monitoring is mandatory! I've previously covered two of the major new requirements coming in PCI DSS 4.0, and now it's time to take a look at another one!...
Free Post TLS Cryptographic Agility Part 1: Server Certificates We've encountered a lot of problems of our own making in the TLS/PKI ecosystem in recent years, and whilst we've got better at dealing with...
Free Post CRLite CRLite: Finally a fix for broken revocation? I've talked a lot about revocation in recent years and the issues with the current methods for checking the revocation status of a certificate are well understood and...
Free Post Certificate Transparency Announcing CT Monitoring for Report URI! I've spoken a lot about Certificate Transparency on my blog recently and how powerful it is for site operators to be able to keep track of certificates issued...
Free Post Certificate Authorities Fishing for certs I recently saw a tweet that got me thinking, then it got me reading, then it kept me busy for about an hour. In that short space of time I...
Free Post CT Finding phishing sites with CT I've spoken a couple of time recently about CT and it really is an awesome thing to have. We can now add one more wicked feature to our...
Free Post Expect-CT CT is coming, are you ready? We're living in a pretty awesome time right now as we observe significant advances being made in the TLS/PKI ecosystem all around us. One of those advances...
Free Post HTTPS Do SSL warranties protect you? As much as rocks keep tigers away... This post is the first of two that I will be publishing over the coming days to address a few concerns that seem to be rising in the wider community....
Free Post Certificate Transparency A new security header: Expect-CT With the October 2017 deadline approaching for compliance with Chrome's Certificate Transparency policy, sites can use the new Expect-CT header to determine if they're ready. It&...
Free Post Certificate Transparency Certificate Transparency, an introduction Certificate Transparency is an open framework for monitoring and auditing the certificates issued by Certificate Authorities in near real-time. By requiring a CA to log all certificates they generate, site...
Follow