Tag Archives: DigiNotarDigiNotar

Mozilla Endorses SSL Baseline Requirements

February 27, 2013 by Bruce Morton     2 Comments

The CA/Browser Forum SSL Baseline Requirements have been endorsed by Mozilla and have been included in their certificate authority (CA) certificate policy.

Certificate Transparency Birds of a Feather

November 19, 2012 by Bruce Morton     No Comments

I was recently reminded by a couple of security researchers that SSL provides privacy, integrity and authenticity.

Web PKI Birds of a Feather

November 7, 2012 by Bruce Morton     No Comments

At the Internet Engineering Task Force (IETF) 85 conference, there was a Birds of a Feather (BoF) meeting on Web PKI operations.

SSL News from Black Hat and DEF CON

August 28, 2012 by Bruce Morton     No Comments

I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred [Read More...]

Certification Authority Authorization

July 11, 2012 by Bruce Morton     No Comments

One of the issues of having many public CAs is that any or all can issue SSL certificates for any domain. This would be upsetting to a subscriber that has reviewed the SSL industry and has chosen a CA that they can trust and work with. Another CA can issue a certificate for their domain [Read More...]

What is TACK?

June 4, 2012 by Bruce Morton     No Comments

Two researchers have prepared a draft standard for the Internet Engineering Task Force to help extend the trust of SSL certificates. The approach is Trust Assertions for Certificate Keys, or TACK, and was prepared by Trevor Perrin and Moxie Marlinspike. TACK is an SSL extension that enables a Web server to assert the authenticity of [Read More...]