-
Listen Now
EPISODE 437
Broadcast Date:
November 5, 202411 minutes
Podcast Nov 05, 2024Root Causes 437: Don't Blame the Linter
Public open-source linters are available to help CAs assure compliance. Now some CAs blame gaps in linter coverage for their misissuance events.
-
Listen Now
EPISODE 436
Broadcast Date:
October 29, 202410 minutes
Podcast Oct 29, 2024Root Causes 436: Formal Proofs
Formal proofs are critical to cryptography. We discuss how better processes and AI can accelerate formal proofs of cryptographic concepts.
-
Listen Now
EPISODE 435
Broadcast Date:
October 25, 202419 minutes
Podcast Oct 25, 2024Root Causes 435: The PQC "Q Day" Is Not That Simple
We explain how radically oversimplified the concept of PQC "Q day" really is.
-
Listen Now
EPISODE 434
Broadcast Date:
October 22, 202412 minutes
Podcast Oct 22, 2024Root Causes 434: Did Researchers Break AES Using Quantum Annealing?
Reports suggest Chinese researchers used a quantum annealing computer to break AES. We clarify the findings and discuss the potential implications.
-
Listen Now
EPISODE 433
Broadcast Date:
October 17, 202410 minutes
Podcast Oct 17, 2024Root Causes 433: Will AI Eat All the Electricity?
News reports claim Chinese researchers broke AES with a quantum annealing computer. We clarify the details and talk about the implications of this reported discovery.
-
Listen Now
EPISODE 432
Broadcast Date:
October 14, 202426 minutes
Podcast Oct 14, 2024Root Causes 432: Apple Floats New Short-lived Certificate Proposal
Apple recently floated a draft CABF ballot for commentary that steps down maximum term for SSL certificates to 45 days by 2027.
-
Listen Now
EPISODE 431
Broadcast Date:
October 11, 202428 minutes
Podcast Oct 11, 2024Root Causes 431: New Mozilla Proposal to Combat Delayed Revocation
Deliberate delay of mandatory revocations has plagued the WebPKI in 2024. A new proposed policy from Mozilla stands to eliminate most of this behavior.
-
Listen Now
EPISODE 430
Broadcast Date:
October 9, 202414 minutes
Podcast Oct 09, 2024Root Causes 430: How Does a TLS Handshake Work?
In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.
-
Listen Now
EPISODE 429
Broadcast Date:
October 8, 20247 minutes
Podcast Oct 08, 2024Root Causes 429: ServiceNow Outage Due to Expired Root Certificate
A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.
-
Listen Now
EPISODE 428
Broadcast Date:
October 4, 202417 minutes
Podcast Oct 04, 2024Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers control .mobi WHOIS, signaling the decline of WHOIS as a reliable source for Domain Control Validation (DCV) emails.
-
Listen Now
EPISODE 428
Broadcast Date:
October 4, 202417 minutes
Podcast Oct 04, 2024Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).
-
Listen Now
EPISODE 427
Broadcast Date:
October 2, 202416 minutes
Podcast Oct 02, 2024Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.