Certifiably vulnerable: Using Certificate Transparency logs for target reconnaissance
Guest Post: Large-scale measurement study identifies potential threats of Certificate Transparency logs.
Tag: certificate
Whose certificate is it anyway?
Guest Post: How Certification Authority Authorization is used globally.
Reflections on certificates, Part 2
Guest Post: A brief guide to certificate best practices.
Reflections on certificates, Part 1
Guest Post: Understanding the complexity, trust relationships, and tradeoffs of certificates can lead to better decision-making and more efficient operations.
What if Certificate Transparency carried the same burdens as OCSP and CRLs?
What will happen if the load on CT logs grows?
How to: Run delegated RPKI in Krill
Guest Post: If you’re a member of more than one RIR and manage IP address space and routes across them, delegated RPKI will allow you to use manage ROAs seamlessly and transparently.
The wrong certificate: Apache, Let’s Encrypt and OpenSSL
Geoff Huston shares some PKI config issues experienced when migrating labs.apnic.net to a new platform.
Revocation: is there a better way to secure certificates?
Learn how browsers are being made aware of revoked certificates and the the challenges associated with this security measure.
Is the web ready for OCSP Must-Staple?
Guest Post: What do clients and web servers need to do to support OSCP Must-Staple?
Incorporating OCSP Must-Staple into certificates
Guest Post: What is the current reliability and accuracy of CA responders, and what do they need to do in order for OCSP Must-Staple to be deployed successfully?