KeyChest Blog

"Apple strong-arms entire CA industry" ... what does it mean?

Jul 29, 2020 6:59:01 PM / by Dan posted in https, risk management

0 Comments

ZDNet reported recently an update to the shortening of HTTPS certificates enforced by web browsers. What does it mean for you and for the internet?

Read More

Keep an Eye on Let’s Encrypt Performance

Jun 28, 2020 2:30:45 PM / by Dan posted in letsencrypt, https, keychest

0 Comments

Let’s Encrypt automates certificate renewals. It sells the idea that you install a client and don’t have to think about it again. This requires reliability that has to start with Let’s Encrypt itself. We can now see that with KeyChest.

Read More

How to Keep Covid-19 From Killing Remote Access

Mar 13, 2020 8:24:00 AM / by Dan posted in certificate, https, key management

0 Comments

The Coronavirus can't be stopped and the implications are quite clear: the next 3-6 months will see large numbers of people off work, and we can already see a huge increase in remote working—which depends entirely on the IT infrastructure working. As a recent Let's Encrypt incident showed, HTTPS represents the ultimate risk to remote working.

Read More

Browser Updates To Kill 850,000 Web Sites

Mar 5, 2020 11:39:41 AM / by Dan posted in https

0 Comments

The days of old TLS versions are nigh. All major web browsers - Safari, Mozilla, Chrome, and Edge - will disable support of TLS 1.0 and TLS 1.1. The old and insecure versions of SSL protocols.

Read More

Apple Safari Not Trusting Long Certs from Sept 1

Feb 23, 2020 8:28:19 PM / by Dan posted in certificate, https, keychest

0 Comments

Apple believes that SSL/HTTPS certificates valid for more than a year are not secure enough. As such the Safari browser will not be trusting certs valid for more than 13 months. Change comes on September 1. What does it mean?

Read More

The State of PKI by AppViewX

Feb 18, 2020 2:01:40 PM / by Dan posted in certificate, https

0 Comments

AppViewX has conducted a research during the 2019 BlackHat conference asking cybersecurity professionals about their experience with PKI. I will give you an alternative exec summary.

Read More

KEYCHEST - Confidence In Your Online Business

Feb 6, 2020 10:36:21 AM / by Dan posted in https, keychest, key management

0 Comments

While KEYCHEST as a brand started as a straightforward expiry management service for Let's Encrypt, it has become a service with a rich set of features and there is still several technologies that wait for production deployment.

Read More

Quick Inspection of Web Endpoints (incl.SSL Expiry Check)

Feb 5, 2020 11:20:25 AM / by Dan posted in certificate, https, keychest

0 Comments

KeyChest is about keeping your business up and running by preventing the expiry of important web services - this is our goal. While it may be prudent to reach A+ rating in specialised audit tools (like SSL Labs), it will not prevent your business downtime 3 months later when your super secure ordering service expires.

Read More

Microsoft Teams - It's Not Just One Certificate

Feb 4, 2020 3:14:47 PM / by Dan posted in certificate, https, key management

0 Comments

A friend tagged me yesterday on LinkedIn with an update that Microsoft Teams - a team communication service, something like Slack - had gone down due to an expired certificate. How can this even happen?

Read More

Massive MS Windows bug - by NSA - how it works (maybe)

Jan 14, 2020 10:33:36 PM / by Dan posted in https, attack

0 Comments

I have just skimmed a looong discussion at Hacker News - https://news.ycombinator.com/item?id=22047573 - about a vulnerability so big that NSA was happy to be accredited. (I only wonder whether they spotted someone else using it.)

Read More