Free Post apple Certificate lifetime capped to 1 year from Sep 2020 It's finally happening! We've had 2 failed attempts through the CA/B Forum and now Apple has decided to enforce a maximum lifetime of 398 days...
Free Post MTA-STS Improving email security with MTA-STS There has been a huge focus on encryption on the web recently, with lots of that centred around HTTP with things like HTTPS and HSTS. Now we're taking...
Free Post legacy tls Legacy TLS is on the way out: Start deprecating TLSv1.0 and TLSv1.1 now With TLS having taken some great steps forwards in recent years, with TLSv1.2 in 2008 and TLSv1.3 in 2018, it's time to start dropping support for...
Free Post HPKP HPKP is no more! It's been an interesting ride over the last few years but HPKP, or HTTP Public Key Pinning, is finally coming to the end of its tenure. With support...
Free Post tls Big HTTPS changes coming in Chrome Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have...
Free Post crawl Top 1 Million Analysis - September 2019 Yes, it's that time of year again and the last 6+ months have flown by. Time for a look at the state of security in the Top 1...
Free Post CSP CSP nonces the easy way with Cloudflare Workers Everybody knows I'm a rather large fan of CSP and an even bigger fan of CSP reporting, but CSP can be hard. Part of my personal mission has...
Free Post EV Extended Validation not so... extended? How I revoked $1,000,000 worth of EV certificates! Personal like or dislike of EV aside for a moment, we can all agree on what the name of EV certs implies. Organisations get their company details in the certificate...
Free Post Certificate Authorities Ballot SC22: Reduce Certificate Lifetimes We've made some great progress in the TLS and PKI ecosystem in recent years, driven largely by the actions of browser vendors. We could have just taken another...
Free Post Certificate Transparency Announcing CT Monitoring for Report URI! I've spoken a lot about Certificate Transparency on my blog recently and how powerful it is for site operators to be able to keep track of certificates issued...
Follow