What’s going on with certificate revocation?
Does X.509 certificate revocation work as intended, or even work at all?
Search blog
Results for "certificate revocation"
Revocation: is there a better way to secure certificates?
Learn how browsers are being made aware of revoked certificates and the the challenges associated with this security measure.
Whose certificate is it anyway?
Guest Post: How Certification Authority Authorization is used globally.
Reflections on certificates, Part 2
Guest Post: A brief guide to certificate best practices.
Reflections on certificates, Part 1
Guest Post: Understanding the complexity, trust relationships, and tradeoffs of certificates can lead to better decision-making and more efficient operations.
The SSL certificate issuer field is a lie
Guest Post: How to _really_ figure out which CA issued a certificate.
What if Certificate Transparency carried the same burdens as OCSP and CRLs?
What will happen if the load on CT logs grows?
Incorporating OCSP Must-Staple into certificates
Guest Post: What is the current reliability and accuracy of CA responders, and what do they need to do in order for OCSP Must-Staple to be deployed successfully?
Event Wrap: RIPE 84
Geoff Huston presented on certificate revocation at RIPE 84, held from 16 to 20 May 2022.
Notes from DNS-OARC 40
Mitigating cache poisoning, post-quantum crypto, defining IPv6-ready DNS, and more from OARC 40.