Creating a global List of Trust Lists
November 24, 2021 by
Paul van Brouwershaven
(Entrust)
LTL
The PKI Consortium is curating a global List of Trust Lists (a curated list of root, intermediate or issuing CA certificates accepted by a public, private, industry, or solution-specific PKI), one that is not limited to a specific purpose, region, or size, and is open to anyone to contribute.
Increasing support and awareness for Remote Key Attestation
August 3, 2021 by
Paul van Brouwershaven
(Entrust),
Tomas Gustavsson
(Keyfactor),
Giuseppe Damiano
HSM
Key Attestation
Secure Enclave
Smart-card
Token
TPM
The PKI Consortium is collecting information (and looking for contributions) on how or if solutions provide a method to prove to a remote party that a private key was generated, managed inside, and not exportable from, a hardware cryptographic module.
From CASC to the Public Key Infrastructure Consortium
July 12, 2021 by
Chris Bailey
(Entrust),
Paul van Brouwershaven
(Entrust)
CASC
PKI
PKIC
Over the years, the need for private, industry, or solution-specific PKI has grown significantly, with stricter policies and the revocation of certificates and CAs becoming more common. The impact of changes in centralized PKI have caused delays and disruption of third-party services that may or may not have been considered. Any PKI (public, private, or specific) must operate according to best practices, clear policies and without a single point of failure.
One Year Certs
July 9, 2020 by
Patrick Nohe
(GlobalSign)
Apple
CA/Browser Forum
DV
Google
Identity
Microsoft
PKI
Policy
Root Program
SHA1
SHA2
SSL/TLS
Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.
Could Quantum Computing Help Stave Off the Next Great Pandemic?
June 11, 2020 by
Patrick Nohe
(GlobalSign)
Quantum
RSA
SSL/TLS
As we settle into month two of isolation in the world’s collective battle against the COVID-19 pandemic, one talking point you’ve undoubtedly heard time and again is that this won’t truly be over until there’s a vaccine. A post about how quantum computing could simplify it and reduce the time it takes exponentially.
How to do HTTPS … The Right Way
June 2, 2020 by
Corey Bonnell
(DigiCert)
CAA
Identity
Phishing
Site Seal
SSL/TLS
With secure HTTP — aka HTTPS (the “S” is short for “secure”) — swiftly becoming universal on the Internet, it is important to know how to configure HTTPS for your website the right way. The payoff for properly securing your website has many benefits.
Don’t ‘Compromise’ Your Code Amid Malware Mayhem
May 12, 2020 by
Abul Salek
(Sectigo)
CA/Browser Forum
Code Signing
EV
FIPS
HSM
Malware
Microsoft
Phishing
SSL/TLS
Code Signing Certificates demand a price premium in the underground online marketplace. This is no surprise considering that criminals sometimes use them to dupe their potential victims into installing malware in their machine.
Digital Trust Is Elusive – Are Qualified Trust Services A Solution?
May 1, 2020 by
Sebastian Schulz
Attack
eIDAS
ENISA
ETSI
Phishing
Policy
QTSP
Qualified
SSL/TLS
Trust List
TSP
A popular saying goes: “Trust takes years to build, seconds to break, and forever to repair.”
While I wouldn’t completely agree, the idea isn’t wrong. In real life trust between two parties is established over some period of time, depending on a variety of factors. Have you ever wondered why you initially trust some people more and others less, even if you’ve never met them before? There are a complicated multitude of factors that influence our thoughts: the person’s appearance, tone of voice, title or rank, etc.
Preparing for Quantum Computing
April 21, 2020 by
Diana Gruhn
(Entrust)
ECC
IETF
NIST
Quantum
RSA
Quantum computing is advancing, and while experts are not sure when there will be a quantum computer powerful enough to break the RSA and ECC cryptographic algorithms that are currently in use, many are operating under the assumption that this can happen within a 10-15 year timeframe.
5 Ways to Keep Up with Authentication Certificates
February 24, 2020 by
Arvid Vermote
Code Signing
Encryption
Identity
ISO
Malware
Microsoft
PKI
SSL/TLS
When it comes to protecting an organization’s data and users, CISOs have no shortage of hurdles. Identity attacks have become sophisticated and convincing, thanks to ransomware, phishing and deep fakes. CISOs have long known the importance of strong identification and authentication controls, but with threats constantly changing and intensifying, having these controls in place is just one piece of the puzzle; they must be managed correctly in order to do their job.
