Archive of posts regarding pki
Certificate Revocation Lists (CRLs) are a way for Certificate Authorities to announce to their relying parties (e.g., users validating the certificates) that a Certificate they issued should no longer be trusted. E.g., was revoked.
Our deprecation plan for the SHA-1 algorithm in the public Web, first announced in 2015, is drawing to a close. Today a team of researchers from CWI Amsterdam and Google revealed the first practical collision for SHA-1, affirming the insecurity of the algorithm and reinforcing our judgment that... [read more]
Yesterday Let’s Encrypt reached a new milestone: the unique set of all fully-qualified domain names in the currently-unexpired certificates issued by Let’s Encrypt is now 10,022,446.
This is a quick status update from the Early Impacts of Let’s Encrypt post.
Because many of the devices in the IoT are headless and have limited ability to interact with their owners, there needs to be a way to authenticate them without passwords, and without the shortcomings of the existing 0000 and 1234 problems in the Bluetooth world.
The public authentication problem is one we have all learned to solve with intuition: How do I decide to trust a new person?
The Internet of Things is imagined to be a interconnection of sensors and physical devices of all kinds into the world’s information systems: a collection of machine-to-machine communication devices used to gather and distribute information about the world, contrasted with the human-machine interactions making up the bulk of today’s Internet.... [read more]