PKI and digital certificates
Using a public key infrastructure (PKI), certificate authority (CA) and digital certificates is a key way to develop a secure network infrastructure for user access, keep data secure and eliminate hacker threats. Get expert advice and tools to implement PKI in your organization.
New & Notable
Digital Certificates: Risks, Changes & Buying Techniques
Buying digital certificates, or public key certificates, can be a complex process. Security expert Michael Cobb identifies features to consider prior to choosing and implementing a digital certificate.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
PKI and digital certificates News
-
April 16, 2018
16
Apr'18
SSH announces new key and certificate management service
A new key and certificate management service is now offered by SSH, which teamed up with AppViewX to provide a way to administer cryptographic keys and digital certificates.
-
March 27, 2018
27
Mar'18
TLS 1.3 update is finalized with encryption upgrade
The IETF approves the TLS 1.3 encryption protocol upgrade after four years and 28 versions; improvements include better security and performance, as well as middlebox support.
-
March 07, 2018
07
Mar'18
Risk & Repeat: Trustico certificate drama a cause for concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
-
March 02, 2018
02
Mar'18
23,000 Symantec certificates revoked following leak of private keys
DigiCert revoked 23,000 Symantec SSL certificates amid a public spat between the company and former reseller partner Trustico, which claimed the certificates were 'compromised.'
PKI and digital certificates Get Started
Bring yourself up to speed with our introductory content
-
SHA-1 collision: How the attack completely breaks the hash function
Google and CWI researchers have successfully developed a SHA-1 attack where two pieces of data create the same hash value -- or collide. Expert Michael Cobb explains how this attack works. Continue Reading
-
The digital certificate: How it works, which to buy
This expert guide on the digital certificate provides essential information to what can be a complex purchase. Learn about the options and how to find the best for one for your network. Continue Reading
-
MD5
The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message. Continue Reading
Evaluate PKI and digital certificates Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Public key pinning: Why is Google switching to a new approach?
After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch. Continue Reading
-
Timeline: Symantec certificate authority improprieties
Timeline: Follow along as Google and Mozilla raise issues with Symantec certificate authority actions, and then attempt to return trust to the CA giant. Continue Reading
-
SHA-1 certificates: How will Mozilla's deprecation affect enterprises?
Mozilla browser users will encounter 'untrusted connection' errors if they use SHA-1 signed certificates. Expert Michael Cobb explains why, and what enterprises can do. Continue Reading
Manage PKI and digital certificates
Learn to apply best practices and optimize your operations.
-
Running a private certificate authority: What are the risks?
Running a private certificate authority can pose significant risks and challenges to meet baseline requirements. Michael Cobb explores what enterprises should know. Continue Reading
-
WoSign certificates: What happens when Google Chrome removes trust?
Google Chrome has started removing trust in certificates issued by WoSign. Matthew Pascucci explains this decision and what it means for companies using WoSign certificates. Continue Reading
-
How can users protect mobile devices from SandJacking attacks?
Attackers can use the SandJacking attack to access sandboxed data on iOS devices. Expert Nick Lewis explains how to protect your enterprise from this attack. Continue Reading
Problem Solve PKI and digital certificates Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
PGP keys: Can accidental exposures be mitigated?
The accidental publication of an Adobe private key could have put the company in jeopardy. Matt Pascucci explains how it happened and how to better protect PGP keys. Continue Reading
-
Ticketbleed flaw: How can SSL session identities be protected?
The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it. Continue Reading
-
Risk & Repeat: Symantec, Mozilla spar over certificate issuance
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations. Continue Reading