January 2012 - Entrust, Inc. 1-4 of 4
SSL domain authentication needs improvement
Should we really be taking the domain owner’s word for it? Blogmaster Note: This was originally posted on January 27, 2012 to ComputerWorld UK’s Security Spotlight Blog. In her Dark Reading article, “Is SSL Cert Holder ID Verification a Joke?“, Ericka Chickowski discusses if certificate authorities do enough identity checking for Domain Validated (DV) certificates. I [Read More...]
Does RSA understand what happened to them?
Blogmaster Note: This was originally posted on January 18, 2012 to ComputerWorld UK’s Security Spotlight Blog . This was not just an attack on RSA, it was an attack on all of us. In Tim Greene’s article, “RSA security breach has silver lining, says CEO,” he quotes Art Coviello as saying “…we were able to [Read More...]
ShmooCon 2012 is Happening Soon!
Next week, the ShmooCon security conference will happen in Washington DC. Over the weekend of January 27-29, there will be thirty-some talks about hacking, computer security, law, and just plain fun. I’m one of the organizers, myself. I’m a member of The Shmoo Group and co-chair of the program committee along with Ben Laurie of [Read More...]
Easier, Better Identities on the Horizon
Blogmaster Note: This was originally posted on January 17, 2012 to AVISIAN’s NFC News site . One of the most exciting things that will happen in the next year or two is the confluence of a few major trends. It’s exciting because, together, they promise to make security and identity better and more manageable than [Read More...]