• 2014 – Looking Back, Moving Forward

    We take a look back at the news and trends that helped, hindered or drove the certificate industry in 2013. With that context, we peak at what 2014 could have in store for us. Will Always-On SSL and the deprecation of SHA-1 be the headlines that shape the next 12 months?

        in SSL, SSL Deployment
    0
  • Protect Your Private Keys: Three Easy Steps for Safe Code-Signing

    A recent article by the Microsoft malware protection center, “Be a real security pro – Keep your private keys private,” reminded me of some best practices. There are far too many cases of illegitimate code being signed by a stolen private key for legitimately signed code-signing certificates. In these cases, the owners of the private keys have not secured the

        in Code Signing, Public Key Infrastructure
    0
  • Java Secures Supply Chains through Code Signing

    This post was originally published by Bruce Morton & Erik Costlow on the CA Security Council blog. We have recently discussed the benefits of code signing in two posts: Securing Software Distribution with Digital Signatures and Improving Code Signing. These posts covered the role of code signatures as a “digital shrinkwrap” designed to answer a simple question: Did the software I am

        in Code Signing
    0
  • SHA-1 Deprecation, on to SHA-2

    We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the SHA-1 hashing algorithm to certificates

        in SSL, SSL Deployment
    0
  • Java Secures Supply Chains through Code Signing

    This post was originally published by Bruce Morton & Erik Costlow on the CA Security Council blog. We have recently discussed the benefits of code signing in two posts: Securing Software Distribution with Digital Signatures and Improving Code Signing. These posts covered the role of code signatures as a “digital shrinkwrap” designed to answer a simple question: Did the software I am

        in Code Signing
    0
  • SHA-1 Deprecation, on to SHA-2

    We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the SHA-1 hashing algorithm to certificates

        in SSL, SSL Deployment
    0
Page 1 of 4123...»»