HSTS preload adoption and challenges
Guest Post: HSTS preload is a mitigation against a specific attack. How widely is it used?
Tag: TLS
Delegated domain verification
Guest Post: When it comes to managing TLS certificates, one often-overlooked aspect is delegated domain verification.
RIPE 86 bites — QUIC and active network management
What is challenging active network management?
Notes from IETF 116
NTP security, transition mechanisms, TCP delayed ACKs, alternate name systems, and more from IETF 116.
Not that simple: Email delivery in the 21st century
Guest Post: How do real-world deployments keep up with increasing complexity of email delivery and security.
On the interplay between TLS certificates and QUIC performance
Guest Post: Current deployments of QUIC struggle to shorten latency at low amplification potential.
Using TLS for active server fingerprinting
Guest Post: How TLS stack fingerprinting can be done efficiently and provide valuable security-related insights.
TLS 1.3: A story of experimentation and centralization
Guest Post: TLS 1.3 is an example of how Internet technology is developed and refined by a small number of players.
Notes from IETF 114
ROV measurement, DANE Portal, IPv6 extension headers, congestion control, and more topics of interest from IETF 114.
What if Certificate Transparency carried the same burdens as OCSP and CRLs?
What will happen if the load on CT logs grows?