What is the PKI Maturity Model (PKIMM) and how can you contribute?
July 11, 2022 by
Roman Cinkais
(3Key Company)
Maturity model
PKIC
PKIMM
The PKI Consortium recently established the PKI Maturity Model Working Group to build a PKI maturity model that will be recognized around the globe as a standard for evaluation, planning, and comparison between different PKI implementations. In this blog post we will tell you more about why we are building the model and how you can contribute to it.
An open letter to Apple
March 21, 2022 by
PKI Consortium
Apple
PKIC
We would like to thank and also invite Apple to work more closely with organizations such as the CA/Browser Forum, ETSI and the PKI Consortium to address its concerns, work towards harmonization of policies and to support standardized automation in its software before making any changes on its own. This is because unilaterally enforced policies, especially those that go beyond your own root program, can have a disproportionate impact on PKI implementations, its relying parties and the entire ecosystem.
PKI Consortium & ETSI sign Memorandum of Understanding (MoU)
March 3, 2022 by
Sándor Szőke
(Microsec)
ETSI
PKIC
On 26 January PKI Consortium and ETSI signed a Memorandum of Understanding (MoU) to structure and strengthen the relationship between both organizations and foster a closer relationship.
Creating a global List of Trust Lists
November 24, 2021 by
Paul van Brouwershaven
(Digitorus)
Paul van Brouwershaven
(Entrust)
LTL
The PKI Consortium is curating a global List of Trust Lists (a curated list of root, intermediate or issuing CA certificates accepted by a public, private, industry, or solution-specific PKI), one that is not limited to a specific purpose, region, or size, and is open to anyone to contribute.
Increasing support and awareness for Remote Key Attestation
August 3, 2021 by
Paul van Brouwershaven
(Digitorus),
Paul van Brouwershaven
(Entrust),
Tomas Gustavsson
(Keyfactor)
Giuseppe Damiano
HSM
Key Attestation
Secure Enclave
Smart-card
Token
TPM
The PKI Consortium is collecting information (and looking for contributions) on how or if solutions provide a method to prove to a remote party that a private key was generated, managed inside, and not exportable from, a hardware cryptographic module.
From CASC to the Public Key Infrastructure Consortium
July 12, 2021 by
Paul van Brouwershaven
(Digitorus),
Paul van Brouwershaven
(Entrust)
Chris Bailey
(Entrust)
CASC
PKI
PKIC
Over the years, the need for private, industry, or solution-specific PKI has grown significantly, with stricter policies and the revocation of certificates and CAs becoming more common. The impact of changes in centralized PKI have caused delays and disruption of third-party services that may or may not have been considered. Any PKI (public, private, or specific) must operate according to best practices, clear policies and without a single point of failure.
One Year Certs
July 9, 2020 by
Patrick Nohe
(GlobalSign)
Apple
CA/Browser Forum
DV
Google
Identity
Microsoft
PKI
Policy
Root Program
SHA1
SHA2
SSL/TLS
Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.
Could Quantum Computing Help Stave Off the Next Great Pandemic?
June 11, 2020 by
Patrick Nohe
(GlobalSign)
Quantum
RSA
SSL/TLS
As we settle into month two of isolation in the world’s collective battle against the COVID-19 pandemic, one talking point you’ve undoubtedly heard time and again is that this won’t truly be over until there’s a vaccine. A post about how quantum computing could simplify it and reduce the time it takes exponentially.
How to do HTTPS … The Right Way
June 2, 2020 by
Corey Bonnell
(DigiCert)
CAA
Identity
Phishing
Site Seal
SSL/TLS
With secure HTTP — aka HTTPS (the “S” is short for “secure”) — swiftly becoming universal on the Internet, it is important to know how to configure HTTPS for your website the right way. The payoff for properly securing your website has many benefits.
Don’t ‘Compromise’ Your Code Amid Malware Mayhem
May 12, 2020 by
Abul Salek
(Sectigo)
CA/Browser Forum
Code Signing
EV
FIPS
HSM
Malware
Microsoft
Phishing
SSL/TLS
Code Signing Certificates demand a price premium in the underground online marketplace. This is no surprise considering that criminals sometimes use them to dupe their potential victims into installing malware in their machine.
