June 2012 - Entrust, Inc.
What is Time-Stamping?
What happens to signed code when the code signing certificate expires? In many cases, an expired certificate means that the signature validation will fail and a trust warning will appear in the browser. Time-stamping was designed to alleviate this problem. The idea is that, at the time the code is signed, the certificate [Read More...]
Code Installation Trust Decision
The code has been signed, the user has started installation, and verification has taken place. How does the user know whether or not to accept the code? Here is a typical code verification security warning: The user must make their trust decision based on the above. The statement provides the following: File Name: In this [Read More...]
How to Digitally Sign Code
Various application platforms support code-signing and provide different tools to perform the signing. Here is a list of the more common code-signing types and references as to where you can find guides for the given application. Adobe AIR Adobe – Digitally signing an AIR file Apple Mac OS X Developer Library – Code Signing and [Read More...]
Microsoft to ban keys less than 1024-bits
For those of you who do not maintain the size of your keys for digital certificates, you’re about to have some problems. Microsoft is not a proponent of small-sized digital keys. Their Windows Root Certificate Program does not allow CAs to issue certificates with RSA keys of less than 1024 bits and deprecates keys that are less [Read More...]
First New gTLD Requests
ICANN has published the first new gTLD requests. If approved, these gTLDs will add to the current 22 generic TLDs and the 280 country code TLDs. The new gTLDs have mostly been requested by companies and governments. We see that Google has asked for .youtube and Ford has requested .ford. Amsterdam and London have asked [Read More...]
Layered Security USING your Mobile Device
A natural extension to my last post, I find it interesting that most people intuitively see the need to secure mobile devices, applications and transactions, but they are likely unaware of the incredible power and convenience mobile devices present in terms of serving as a security device themselves. Increasingly, mobile devices are used for more [Read More...]
International Law Enforcement Teams up to Capture International Fugitive Luka Magnotta
Well, Luka Rocco Magnotta’s life on the run came to an abrupt end this week in Berlin. After allegedly killing a very unfortunate exchange student from China and before Canadian officials knew any of the crimes were committed, Magnotta flew to Paris where he could ‘disappear’ into Europe or beyond.
What is TACK?
Two researchers have prepared a draft standard for the Internet Engineering Task Force to help extend the trust of SSL certificates. The approach is Trust Assertions for Certificate Keys, or TACK, and was prepared by Trevor Perrin and Moxie Marlinspike. TACK is an SSL extension that enables a Web server to assert the authenticity of [Read More...]