• Root Certificates with 1024-bit RSA Keys are Being Removed

    Entrust has been working since 2010 to educate our customers on the migration away from 1024-bit RSA keys. We updated our policy in 2011 and summarized the status in 2013. Entrust has implemented migration and do not issue any RSA certificates less than 2048-bit keys and have discussed continued issuance using our 1024-bit root.

        in Digital Certificates, Public Key Infrastructure, SSL
    0
  • Microsoft Warns of Malicious RTF Files, Remote Code Execution

    On Monday, Microsoft issued a security advisory (2953095) notifying IT professionals and end-consumers of a vulnerability affecting “supported versions of Microsoft Word.” Per the advisory, specific rich text files (.RTF) that can be opened or previewed using many Microsoft software products, specifically Microsoft Word (2003-2013)and related service packs, could leave users vulnerable to remote code execution. If successful, the attacker

        in General
    0
  • Moving to TLS 1.2

    In 2014, there will be a trend for website owners to implement TLS 1.2 on their servers. TLS 1.2 was defined in RFC 5246 in August 2008 and is the most secure version of SSL/TLS protocol. Although TLS 1.2 has been available for a few years, it is not well deployed. SSL Pulse indicates that only 26 percent of the

        in SSL, SSL Deployment
    0
  • SHA-1 Deprecation, on to SHA-2

    We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the SHA-1 hashing algorithm to certificates

        in SSL, SSL Deployment
    0
  • Moving to TLS 1.2

    In 2014, there will be a trend for website owners to implement TLS 1.2 on their servers. TLS 1.2 was defined in RFC 5246 in August 2008 and is the most secure version of SSL/TLS protocol. Although TLS 1.2 has been available for a few years, it is not well deployed. SSL Pulse indicates that only 26 percent of the

        in SSL, SSL Deployment
    0
  • SHA-1 Deprecation, on to SHA-2

    We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the SHA-1 hashing algorithm to certificates

        in SSL, SSL Deployment
    0
Page 1 of 6123...5...»»