☕️ Insufficient Coffee

Archive of posts regarding pki

Reflecting on 10 years of Let's Encrypt

Published 2025-12-03

My friend Christophe Brocas has just published a retrospective on the ten years since we unveiled the ACME protocol to the world. He interviewed me and some colleagues for the piece, and I recommend it! [read more]

The State of CRLs Today

Published 2017-08-18

Certificate Revocation Lists (CRLs) are a way for Certificate Authorities to announce to their relying parties (e.g., users validating the certificates) that a certificate they issued should no longer be trusted, i.e., that it was revoked.… [read more]

The end of SHA-1 on the Public Web

Published 2017-02-23

Our deprecation plan for the SHA-1 algorithm in the public Web, first announced in 2015, is drawing to a close. Today a team of researchers from CWI Amsterdam and Google revealed the first practical collision for SHA-1, affirming the insecurity of th… [read more]

Service Assisted Communication and Simplifying a PKI

Published 2014-09-09

Because many of the devices in the IoT are headless and have limited ability to interact with their owners, there needs to be a way to authenticate them without passwords, and without the shortcomings of the existing 0000 and 1234 problems in the Blu… [read more]

Public Authentication

Published 2014-07-30

The public authentication problem is one we have all learned to solve with intuition: How do I decide to trust a new person?… [read more]

Prevalence of Well Known Peers in the Internet of Things

Published 2014-07-04

The Internet of Things is imagined to be an interconnection of sensors and physical devices of all kinds into the world’s information systems: a collection of machine-to-machine communication devices used to gather and distribute information about the… [read more]