Don’t throw the (cryptographic) baby out with the bathwater
Even if Shor’s Algorithm is now implementable inside ten years, symmetric keying should still be trustworthy if we fix RSA with PQC methods. Don’t throw the baby out with the bathwater!
Even if Shor’s Algorithm is now implementable inside ten years, symmetric keying should still be trustworthy if we fix RSA with PQC methods. Don’t throw the baby out with the bathwater!
Guest Post: How Bangladesh’s .BD ccTLD moved from no DNSSEC coverage to a fully validated chain of trust across its most critical SLDs, overcoming tooling gaps, operational failures, and infrastructure challenges along the way.
Guest Post: Non-Human Identity is evolving as automation and AI increase machine-to-machine connections. Short-lived, key-based credentials address long-standing risks, but industry now needs clear assurance levels for workload identities. Collaboration will shape the next phase of NHI standards.
Guest Post: “RADIUS is the protocol that will never die”. So given that RADIUS is staying, what do we need to do to make it secure for the next 30 years?
Guest Post: Many BGP route leaks flagged by automated systems are short-lived artifacts of normal convergence. Doug Madory draws on Cloudflare Radar, RouteViews, and Jared Mauch’s leak detector to show how these ‘ephemeral leaks’ occur, why they rarely disrupt traffic, and why they still matter for routing security.
Examining recent trends in DDoS activity across the Asia Pacific region and practical ways to reduce both exposure and impact.
Alban Kwan from the Trusted Notifier Network talks about the socialized costs of online abuse, and the need for a stronger method of abuse notification within business and the community.
Guest Post: PITA 30 showed both the risks of insecure routing and the opportunities for rapid improvement in the Pacific, with PITA 31 set as an implementation target.
‘Revocation is broken’ is a catchphrase in the world of certificates and Certificate Authorities. Certification infrastructure may not have been designed for the Internet of today.
Guest Post: What can we learn about QUIC deployments just by listening to unsolicited QUIC traffic? As it turns out, quite a lot.