In June 2021, the CA/Browser Forum  passed ballot SC47 to remove the organization unit (OU) field from all public trust TLS/SSL certificates. The problem with the OU field relates to the principle that the certification authority (CA) must verify and assert the identity of the certificate subject w...

At the October 2021 CA/Browser virtual face-to-face conference, Apple advised of updates to their root certificate program. The updates included new requirements for S/MIME certificates effective April 1, 2022. All S/MIME certificates: Require the emailProtection extended key usage (EKU) Must ...

Marcus Brinkmann presented the Application Layer Protocol Confusion-Analyzing and Mitigating Cracks in TLS Authentication (ALPACA) attack at Black Hat USA 2021 and USENIX Security Symposium 2021 supported by the ALPACA research paper. ALPACA is an application layer protocol content confusion attack...

The Entrust monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. F5 Market Screener provides 2021 TLS Telemetry Report Splunk Splunk prepares paper on TLS fingerprint and High(er) Fidelity Software Supply Chain Attack Detection Bulletproof TLS ...

If you’re having trouble getting a handle on your cryptographical instances, you’re not alone. According to Ponemon Institute’s most recent Global Encryption Trends Study, “Discovering where sensitive data resides is the number one challenge.”[i] And it’s no surprise given the surge in cryptographic...

As Cybersecurity Awareness Month draws to a close, we’ve had a chance to reflect on the state of the cybersecurity landscape. It’s a sad reality that cyberattacks are increasing and getting more sophisticated. Cybercrime is now a multi-trillion dollar business with criminals creating sophisticated h...