Incorporating OCSP Must-Staple into certificates
Guest Post: What is the current reliability and accuracy of CA responders, and what do they need to do in order for OCSP Must-Staple to be deployed successfully?
Tag: TLS
Overcoming the limitations of OCSP
Guest Post: Online Certificate Status Protocol (OCSP) is one of the primary protocols browsers use to communicate with Certificate Authorities to obtain revocation attestations.
Three of the best: Geoff Huston
Geoff was again in fine form in 2018 with insightful posts on DNS, IPv6, routing, and time.
Introducing SMTP TLS Reporting
Guest Post: Simple Mail Transfer Protocol Transport Layer Security Reporting is a new feature included in open source network and security configuration assessment tool.
Coming of age: a longitudinal study of TLS deployment
Guest Post: Study follows the evolution of TLS from 2012 using a dataset of 319.3 billion TLS connections collected from large universities and research centres across North America.
DNS-OARC 29: Diving into the DNS
DOH (DNS over HTTPS) and other means to secure the DNS attracted plenty of discussion at the recent DNS-OARC meeting.
DNS-OARC 29: KSK roll and two days of DNS internals
The 29th DNS-OARC workshop was a remarkably effective DNS meeting, with a wealth of operational experience and engagement.
Persistent DNS connections for reliability and performance
Guest Post: DNS-over-TLS provides an opportunity to improve query latency compared to UDP.
TLS 1.3 updates the most important security protocol on the Internet
Guest Post: The recently updated TLS 1.3 delivers superior privacy, security, and performance.
DNSSEC ‘and’ DNS over TLS
A trustable DNS demands DNSSEC irrespective of the fate of DNS over TLS.