Roughtime: Securing Time with Digital Signatures

When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid. The idea is almost as old as the web itself: limiting the lifetime…

DOSarrest Announces new Cyber Attack Readiness Certificate program

… have begun offering a comprehensive Cyber Attack Readiness Certificate program. This certification … cyber attacks on their websites, the testing consisting of several TCP volumetric attacks … sophisticated attacks, this is merely a managed service extension of our Cyber Attack … VISIT THE SOURCE…

Darknet Vendors Sell Counterfeit TLS Certificates

Symantec declared in August last year that it was offering its digital security certificate business to DigiCert. In any case, this was after a long battle with Google, which claimed that loose security controls at Symantec enabled bad actors to purchase TLS certificates. These certificates,…

A tour through Merkle Town, Cloudflare’s Certificate Transparency dashboard

For a quick primer on Certificate Transparency, please read my colleague Nick Sullivan’s post from earlier today. The discussion below expands on that post and details how Cloudflare monitors the health and performance of Certificate Transparency (CT) logs. The success of Certificate Transparency rests on…

Introducing Certificate Transparency and Nimbus

Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services: Nimbus: A free and open certificate transparency log Merkle Town: A…

A Technical Deep Dive: Securing the Automation of ACME DNS Challenge Validation

Earlier this month, Let’s Encrypt (the free, automated, open Certificate Authority EFF helped launch two years ago) passed a huge milestone: issuing over 50 million active certificates. And that number is just going to keep growing, because in a few weeks Let’s Encrypt will also start issuing “wildcard”…