PKI Consortium blog

Posts by tag PKI

    Certificate Chains, Key Management and the Number of CAs Counted by Web Crawlers – Oh My
    November 4, 2013 by Ryan Hurst CRL Microsoft OCSP PKI Policy Revocation SSL/TLS
    Have you ever wondered why your web server certificate has a “chain” of other certificates associated with it? The main reason is so that browsers can tell if your certificate was issued by an organization that has been verified to meet the security, policy and operational practices that all Publicly Trusted Certificate Authorities are mandated to meet. That certificate at the top of the chain is commonly called the “root.” It’s signature on a certificate below it indicates that the organization operating the root believes that practices of the CA below it meets that same high bar.

    Getting the Most Out of SSL Part 2: Configuration
    June 29, 2013 by Ryan Hurst Attack CASC DH Forward Secrecy OpenSSL PKI RC4 RSA SSL/TLS TLS 1.0 TLS 1.2 Vulnerability
    They say the most complicated skill is to be simple; despite SSL and HTTPS having been around for a long time, they still are not as simple as they could be. One of the reasons for this is that the security industry is constantly learning more about how to design and build secure systems; as a result, the protocols and software used to secure online services need to continuously evolve to keep up with the latest risks.

    CASC Happenings at NIST
    April 10, 2013 by CA Security Council CASC NIST PKI Policy SSL/TLS TSP
    This week members of the CASC will be attending and speaking at the NIST Workshop on Improving Trust in the Online Marketplace. You can also follow the CASC on Twitter for more information and news at @CertCouncil, as well as see some of the presentations after the events on our SlideShare page. Even if you can’t make it to Maryland, you can still watch the event via the live webcast. Please join us for the following CASC member events:

    IETF 86 – Web PKI Working Group
    March 21, 2013 by Bruce Morton (Entrust) CRL Google IETF OCSP PKI Policy Revocation SSL/TLS Web PKI
    At the IETF 86 meeting in Orlando last week, there was a working group meeting discussing the operations of the Web PKI. At the previous IETF 85 meeting a birds-of-a-feather was held to discuss the purpose of having such a group. The result of the meeting was an established group with the charter that states purposes such as: Working group will work to improve the consistency of Web security behavior Address problems as seen by the end-users, certificate holders and CAs Describe how the Web PKI actually works Prepare documented deliverables as discussed below The meeting discussed the charter and the four following deliverables.

    CASC Happenings at RSA
    February 25, 2013 by CA Security Council Attack CASC Identity PKI RSA SSL/TLS
    We are excited to have members of the CASC attending and speaking at this year’s RSA Conference. The events and panels will cover various topics that revolve around the security of the Internet and CAs as a whole. You can follow the CASC on Twitter for more information and news at @CertCouncil, as well as see some of the presentations after the events on our SlideShare page. Please join us for the following CASC member events:

    Participate in our community discussions and/or join the consortium