Public-key infrastructure (PKI) is a term for everything that has to do with web encryption and beyond. This is a list of the main terms you need to understand what it is and how it works.
Understanding PKI and HTTPS for busy folks
Mar 14, 2020 8:08:39 PM / by Dan posted in certificate
How to Keep Covid-19 From Killing Remote Access
Mar 13, 2020 8:24:00 AM / by Dan posted in certificate, https, key management
The Coronavirus can't be stopped and the implications are quite clear: the next 3-6 months will see large numbers of people off work, and we can already see a huge increase in remote working—which depends entirely on the IT infrastructure working. As a recent Let's Encrypt incident showed, HTTPS represents the ultimate risk to remote working.
25 Years of Internet Hijacking Nears Its End
Feb 25, 2020 7:56:59 PM / by Dan posted in certificate, security
If you make an internet call from Sydney to Texas, a technology called Border Gateway Protocol, or BGP for short, will ensure that your computer will find your friend in Texas. Just like people have to go through a border gate (or customs if you are at the airport) to enter another country, internet users have to go through a gate to access anything on the internet in another country. Internet users have unknowingly used BGP for over 30 years. The problem is that this old technology leaves the border gate wide open for a special kind of cyberattack.
Apple Safari Not Trusting Long Certs from Sept 1
Feb 23, 2020 8:28:19 PM / by Dan posted in certificate, https, keychest
Apple believes that SSL/HTTPS certificates valid for more than a year are not secure enough. As such, the Safari browser will not trust certs valid for more than 13 months. The change comes on September 1. What does it mean?
Microsoft HTTPS and DNS Hijacking = Big Mess
Feb 19, 2020 9:37:53 PM / by Dan posted in certificate, risk management
Two stories in as many weeks have flushed out some of the problems Microsoft has with managing its vast IT inventory - DNS and SSL.
HTTPS Certificates - Keys and Issuers
Feb 18, 2020 8:21:14 PM / by Dan posted in certificate
Let's have a look at the quality of keys in internet certificates and who the main certificate issuers are.
The State of PKI by AppViewX
Feb 18, 2020 2:01:40 PM / by Dan posted in certificate, https
AppViewX conducted research during the 2019 BlackHat conference, asking cybersecurity professionals about their experience with PKI. I will give you an alternative exec summary.
Scalable Certificate Monitoring
Feb 14, 2020 9:53:10 AM / by Dan posted in letsencrypt, certificate, incident response
The enforcement of HTTPS by web browsers has introduced the pain of certificate management to small and medium businesses. Here are my rules of thumb to make your life much easier.
Secure By Design Will Not Work - The economics, stupid
Feb 9, 2020 1:12:04 PM / by Dan posted in certificate, identity, key management
Secure by design has been touted by governments as the way to solve the threat from insecure IoT devices. Here is a thought - it will never work because the focus is wrong.
Quick Inspection of Web Endpoints (incl. SSL Expiry Check)
Feb 5, 2020 11:20:25 AM / by Dan posted in certificate, https, keychest
KeyChest is about keeping your business up and running by preventing the expiry of important web services - this is our goal. While it may be prudent to reach A+ rating in specialised audit tools (like SSL Labs), it will not prevent your business downtime 3 months later when your super secure ordering service expires.