Tag Archives: Public key infrastructure

Public Key Pinning Extension for HTTP

January 21, 2013 by Bruce Morton     No Comments

In 2011, Google added public key pinning to Chrome. They white-listed the certification authority public keys that could be used to secure Google domains.

All SSL and Digital Certificates Are the Same, Right? Wrong

May 21, 2012 by Dave Rockvam     No Comments

If all digital certificates are the same, why choose anything but the basic certificate? Because all certificates are not the same. Currently, there are three classes of digital certificates as recognized by the CA/Browser Forum: Domain Validated (DV), Organization Validated (OV) and Extended Validated (EV). There is a common misconception that the only difference in [Read More...]

Filed Under: EV SSL, SSL Tagged With: Computer security, dv, EV

Survey: Site Seals vs Reliable Security – Which is Most Important?

April 10, 2012 by Dave Rockvam     No Comments

There is a lot of hype right now about a major player in the SSL security space “rebranding” itself as the go-to SSL provider. But hype and big brand names alone shouldn’t influence security buying decisions. While this sounds logical, too many companies and organizations pay a premium for an over-marketed SSL trust seal. Entrust [Read More...]

Dutch Government: PKI alternatives, replacements not on horizon

March 29, 2012 by Dave Rockvam     No Comments

In July 2011, Dutch certification authority (CA) DigiNotar experienced a security incident that affected the national security infrastructure of both governmental and non-governmental bodies in the Netherlands. The government commissioned a report looking into the incident and the broader CA/SSL market. One of the conclusions of the Dutch government’s report is that alternatives to PKI [Read More...]

Leveraging Consumerization Concepts to Combat Security Threats

February 15, 2012 by Mike Byrnes     No Comments

Let me be clear right up front. Yes, cybersecurity threats are real. Yes, they are growing in volume and in sophistication. And, yes,  they are the root of the problem. BUT, one of the underlying frustrations I have with the cyber-threat situation is that, in general, many organizations remain anything but creative and strategic when [Read More...]