Let's Encrypt are amazing and regular readers will know I'm a huge fan of theirs, having covered them numerous times on my blog. They issue more certificates and cover more domains than any other CA out there, all for free. Whilst all of these are amazing facts, we are creating…
Tag: Let's Encrypt
It's time! August 2018 represents the 7th time I've published a report of the Alexa Top 1 Million sites so let's get stuck in and see what changes have taken place over the last six months on the biggest sites on the web. Crawler data As always the data from…
I've had a pretty chaotic few weeks and come weekend I like to chill out and tinker with little projects on my backlog. Months ago I bought some Amazon Dash buttons with every intention of using them but never actually getting around to it. It's time to change that and…
Those that know me or have followed me online will know I'm a massive advocate of encryption on the web. One of my goals is to help encrypt as much of the web as I can by sharing knowledge and information, building tools and services, speaking at conferences and countless…
It's that time of year again! I'm really excited to publish the 6th installment of my Alexa Top 1 Million analysis so we can take a look over our progress on securing the web over the last 6 months. Previous Crawls It's hard to believe there are now 5 previous…
In the early days of the encrypted web you could get certificates valid for any period of time. Long gone are those days and as more time goes by we realise just how much we need to be doing a lot more to greatly reduce the maximum validity period on…
Migrating your site to HTTPS can be hard, really hard. There are countless different ways to perform your migration and various tools and techniques that can help you smooth out the transition. This is a high-level deployment plan that should help you to consider all of the aspects that you…
There, I said it! It might sound like a weird thing to stay but stick with me on this one. We really do need more phishing sites on HTTPS, all of them, encrypt all the things, and not for the reason you might think. The web is going HTTPS There's…
I was having a period of really high load on securityheaders.io earlier and whilst I looked into it and sorted out the root cause I wanted to throw some more cloud behind the site to bolster it. That introduced an interesting problem that I wanted to solve quickly. DNS…
I've written quite a few blogs on how to get started with Let's Encrypt and covered both RSA and ECDSA certificates. In this blog I'm going to look at how we revoke them. Let's Encrypt If you haven't come across Let's Encrypt yet, they're a CA that you can use…