A lot can be learned about SSL/TLS by analyzing real-world bugs and the ways in which vendors patch them. This past week OpenSSL 1.1.1k was released, which corrected two high severity bugs in the popular OpenSSL software. Specifically, CVE-2021-3450 …
Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for …
It is a peculiar thing to see, but more and more commonly terms of art make their way into the mainstream media. It seems that every week a new article about a vulnerability, cyberattack, or data breach makes its way into public discourse. One …
A distributed-denial-of-service (DDOS) attack occurs when a service provider is intentionally overwhelmed at the network layer by a large volume of requests. These requests might consist of normal traffic occurring at a massive scale, or it might …
Chances are that you’ve used a captive portal – possibly without knowing it! Captive Portals are a legitimate means of grabbing the users attention
Let’s Encrypt is a fairly popular service offering free SSL/TLS certificates to those who are uninterested in the value-add of traditional certificate resellers. Historically, this CA has partnered with IdenTrust to provide this service as it has …
Intermediate certificates are often a topic of confusion. It’s understandable. We pay a lot of attention to root certificates as they require a lot of active management on the client. Leaf certificates on the endpoint are the star of the show – …
It’s that time again. As protocols mature, inevitably security vulnerabilities lurking beneath the surface are uncovered by security professionals. The so-called “Racoon” vulnerability is unusual however in that it affects TLS 1.2, arguably the most …
Certificate Cross-Signing is a nuance of PKI which is often poorly understood. This topic is particularly salient as of late, as a long-lived root certificate managed by Sectigo (formerly Comodo) expired, causing many unexpected problems for many …
There are a lot of reasons why you might inherit a network. Maybe the person who handled SSL/TLS left abruptly, or perhaps you’re doing a favor for a friend. Whatever the reason, it can be overwhelming to get a handle on the sorts of care and …
View more resources on cyber security, encryption and the internet.
View more Guides, FAQs and information to help with your Certificate purchases.