New & Notable
PKI and digital certificates News
June 29, 2018
Rival certificate authorities GlobalSign and Comodo CA have strengthened their presence in the IoT security market with new platforms for connected devices.
April 16, 2018
A new key and certificate management service is now offered by SSH, which teamed up with AppViewX to provide a way to administer cryptographic keys and digital certificates.
March 27, 2018
The IETF approves the TLS 1.3 encryption protocol upgrade after four years and 28 versions; improvements include better security and performance, as well as middlebox support.
March 07, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
PKI and digital certificates Get Started
Bring yourself up to speed with our introductory content
A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key. Continue Reading
IPsec, also known as the Internet Protocol Security or IP Security protocol, defines the architecture for security services for IP network traffic. Continue Reading
Google and CWI researchers have successfully developed a SHA-1 attack where two pieces of data create the same hash value -- or collide. Expert Michael Cobb explains how this attack works. Continue Reading
Evaluate PKI and digital certificates Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch. Continue Reading
This expert guide on the digital certificate provides essential information to what can be a complex purchase. Learn about the options and how to find the best for one for your network. Continue Reading
Timeline: Follow along as Google and Mozilla raise issues with Symantec certificate authority actions, and then attempt to return trust to the CA giant. Continue Reading
Manage PKI and digital certificates
Learn to apply best practices and optimize your operations.
Running a private certificate authority can pose significant risks and challenges to meet baseline requirements. Michael Cobb explores what enterprises should know. Continue Reading
Google Chrome has started removing trust in certificates issued by WoSign. Matthew Pascucci explains this decision and what it means for companies using WoSign certificates. Continue Reading
Attackers can use the SandJacking attack to access sandboxed data on iOS devices. Expert Nick Lewis explains how to protect your enterprise from this attack. Continue Reading
Problem Solve PKI and digital certificates Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The accidental publication of an Adobe private key could have put the company in jeopardy. Matt Pascucci explains how it happened and how to better protect PGP keys. Continue Reading
The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it. Continue Reading
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Mozilla's suggested deadline for Symantec to turn over its certificate issuance operations. Continue Reading