ZDNet reported recently an update to the shortening of HTTPS certificates enforced by web browsers. What does it mean for you and for the internet?
"Apple strong-arms entire CA industry" ... what does it mean?
Jul 29, 2020 6:59:01 PM / by Dan posted in https, risk management
Let's Encrypt has grown from zero to an organization that has the power to switch off half of the internet. It issues certificates needed for HTTPS on web servers. HTTPS is now required by all major web browsers.
Keep an Eye on Let’s Encrypt Performance
Jun 28, 2020 2:30:45 PM / by Dan posted in letsencrypt, https, keychest
Let’s Encrypt automates certificate renewals. It sells the idea that you install a client and don’t have to think about it again. This requires reliability that has to start with Let’s Encrypt itself. We can now see that with KeyChest.
This is my second blog post explaining the concepts of HTTPS. I will focus on the importance of HTTPS and how it affects the internet.
Understanding PKI and HTTPS for busy folks
Mar 14, 2020 8:08:39 PM / by Dan posted in certificate
Public-key infrastructure (PKI) is a term for everything that has to do with web encryption beyond. This is a list of main terms to understand what it is and how it works.
How to Keep Covid-19 From Killing Remote Access
Mar 13, 2020 8:24:00 AM / by Dan posted in certificate, https, key management
The Coronavirus can't be stopped and the implications are quite clear: the next 3-6 months will see large numbers of people off work, and we can already see a huge increase in remote working—which depends entirely on the IT infrastructure working. As a recent Let's Encrypt incident showed, HTTPS represents the ultimate risk to remote working.
Browser Updates To Kill 850,000 Web Sites
The days of old TLS versions are nigh. All major web browsers - Safari, Mozilla, Chrome, and Edge - will disable support of TLS 1.0 and TLS 1.1. The old and insecure versions of SSL protocols.
Let's Encrypt Revokes 3,000,000 Certs
Mar 3, 2020 11:15:27 PM / by Dan posted in letsencrypt
Bottom line - if your certificates are affected and you will not renew and deploy new certs within hours, you will have effective downtimes - certificates will be revoked and invalid. The estimated total is 3 million, of which 1 million are duplicates.
Is Let's Encrypt The Weakest Link of Internet?
Mar 1, 2020 8:55:16 PM / by Dan posted in letsencrypt
It takes 3-5 years to build a new internet certificate issuer. Web browsers make it very hard or impossible to visit web pages without encryption. It is almost as important as DNS. Let's Encrypt supplies certificates to 60% of the internet. Is the dependence on $14 million company a reasonable risk?
Let's Encrypt - 1bln, Time To Beat Others On Uptime
Feb 28, 2020 8:17:16 AM / by Dan posted in letsencrypt
So Let's Encrypt issued a billionth certificate yesterday. It is an absolutely amazing number and I'm pretty sure no-one would have thought 5 years ago that any single CA can ever achieve this number.