Where Identity Breaks Down Across the Employee Lifecycle

AI Agent Authorization: Why Accountable Delegation is Central to Your Trust Fabric

Agentic AI Identity Security: Why Delegated Authority Raises Risk

Rethinking Certificate Management: Why the 47-Day Mandate Is a Wake-Up Call

CAA for S/MIME Email Certificates

Use of Certification Authority Authorization (CAA) was mandated for TLS certificates in September 2017. The primary purpose of CAA is to allow the domain owner to authorize specific CA(s) to issue TLS certificates for their domains. It also prevents other CAs from issuing TLS certificates for those ...

TLS/SSL Certificates |

Bruce Morton

Nov 2023

digital certificate linting blog_1000x420

Deploying Digital Certificate Linting

In a previous blog we introduced Digital Certificate Linting. It is interesting how certification authorities (CAs) have deployed certificate linting of public trust certificates without policy requirements from the browsers or the CA/Browser Forum. Linting does not need to be mandated as it natural...

TLS/SSL Certificates |

Bruce Morton

Nov 2023

1330700_Digital Certificates Linting_Blog post_v2-1000x420

Digital Certificate Linting

My recollection of certificate linting goes back to 2016. Linting started happening to most public trust TLS certificates after three items came together. So, what is linting? I am not a software developer, so the term was foreign to me, but a quick search defined it as: “…the process of performi...

TLS/SSL Certificates |

Bruce Morton

Sep 2023

1300270_Code Signing Revocation Requirements_Blog_1000x420

Code Signing Revocation Requirements Updated

The CA/Browser Forum released Ballot CSC-18 to update the code signing certificate revocation requirements in the Code Signing Baseline Requirements (CSBRs). The purpose of the ballot is to align the revocation reasons with the TLS BRs and to provide stricter requirements for revocation due to priva...

TLS/SSL Certificates |

Bruce Morton

Aug 2023

1299334_Short-lived Certificates_Blog image

Short-lived Certificates finally approved

After more than 10 years, short-lived TLS certificates are finally permitted by the browsers based on CA/Browser Forum ballot SC-063. Gerv Markham started a short-lived certs discussion in 2014, where he advised he was reviewing the 2012 CA/Browser Forum discussion on the topic. He advised that shor...

TLS/SSL Certificates |

Bruce Morton

Aug 2023

1240135_Month Review SSL - May 2023_Blog Post

SSL Review: May 2023

The Entrust monthly SSL review covers SSL/TLS discussions — recaps, news, trends and opinions from the industry. Entrust Gmail now offers a new checkmark for emails enabled with Verified Mark Certificates and BIMI Bulletproof TLS Newsletter #101 End-to-End Encryption under Attack TLS News &...

TLS/SSL Certificates |

Bruce Morton

Jun 2023

1187878 _Blog Google 90 Days Proposal_1000x420

Google's 90 day proposal for TLS certificates

At the most recent CA/Browser Forum (CABF) meeting in late February, Google announced its Moving Forward, TogetherMoving Forward, Together direction. This initiative includes a proposal to reduce the maximum TLS certificate validity and domain validation reuse period from the current 398 days to 90 ...

TLS/SSL Certificates |

Bruce Morton

Apr 2023

Entrust Blog

From Process to Outcomes: Governing the Agentic Enterprise

Where Identity Breaks Down Across the Employee Lifecycle

AI Agent Authorization: Why Accountable Delegation is Central to Your Trust Fabric

Agentic AI Identity Security: Why Delegated Authority Raises Risk

Rethinking Certificate Management: Why the 47-Day Mandate Is a Wake-Up Call

CAA for S/MIME Email Certificates

Deploying Digital Certificate Linting

Digital Certificate Linting

Code Signing Revocation Requirements Updated

Short-lived Certificates finally approved

SSL Review: May 2023

Google's 90 day proposal for TLS certificates

Filter By