Articles about pki

dunce_cap_648

Mozilla takes a turn slapping Symantec's certification SNAFU

Mozilla has weighed in to the ongoing Symantec-Google certificate spat, telling Symantec it should follow the Alphabet subsidiary's advice on how to restore trust in its certificates. Readers will recall that Symantec has repeatedly issued certs that didn't ring true with browser-makers and at the end of April 2017 Google …
Files and paperwork photo via Shutterstock

Controversial opinion alert: Privacy and the public cloud – not just possible, but easy

Like it or not, collaboration and file-sharing services like Dropbox have become embedded in corporate IT. What started as personal technology has increasingly become the alternative to everything from moving files using USB to sharing docs via email or an internal wiki. But we live in an age of hackers and hacking, spies and …
Trevor Pott, 1 Mar 2017

Google launches root certificate authority

Google has launched its own root certificate authority. The move, announced Thursday, will stop Google relying on an intermediate certificate authority (GIAG2) issued by a third party in its ongoing process of rolling out HTTPS across its products and services. "As we look forward to the evolution of both the web and our own …
John Leyden, 27 Jan 2017

Google floats prototype Key Transparency to tackle secure swap woes

Google has released an open-source technology dubbed Key Transparency, which is designed to offer an interoperable directory of public encryption keys. Key Transparency offers a generic, secure way to discover public keys. The technology is built to scale up to internet size while providing a way to establish secure …
John Leyden, 13 Jan 2017

New Docker crypto locker is a blocker for Docker image mockers

Docker has tackled the problem of secure application container distribution with a new system that supports signing container images using public key cryptography. The new feature, known as Docker Content Trust, is the main attraction of Docker 1.8, the latest version of the tool suite that was announced on Wednesday. "Before …
Neil McAllister, 13 Aug 2015
Toilet

Sysadmins disposed of Heartbleed certs, but forgot to flush

Sysadmins' need for sleep and attempts to stop working at weekends have slowed down the response to Heartbleed, according to University of Maryland researchers – but more seriously, it's possible that a bunch of half-fixed websites retain some vulnerability to the bug. The problem, the researchers told the 2014 Internet …
The Register breaking news

Microsoft: 'Update your security certs this month – or else'

The good news is that Microsoft's next Patch Tuesday, due on September 11, should be a breeze, bringing just two security updates. The bad news is that October's Patch Tuesday will be a game changer, and Microsoft has cautioned Windows admins to take advantage of the lull to make sure their security houses are in order. …
The Register breaking news

Trustwave to escape 'death penalty' for SSL skeleton key

Analysis Trustwave's admission that it issued a digital "skeleton key" that allowed an unnamed private biz to spy on SSL-encrypted connections within its corporate network has sparked a fiery debate about trust on the internet. Trustwave, an SSL certificate authority, confessed to supplying a subordinate root certificate as part of an …
John Leyden, 14 Feb 2012
The Register breaking news

Comodo-gate hacker brags about forged certificate exploit

An Iranian hacker has stepped forward to claim responsibility for the SSL certificate hack against Comodo, providing an insight into how the high-profile hack might have been pulled off. The lock-picker – who claimed he had "1,000 times" the experience of any hacker or programmer – asserted that after compromising Comodo's …
John Leyden, 28 Mar 2011
The Register breaking news

PGP buys tech to offer trusted ID from the cloud

PGP Corporation has acquired privately-held TC TrustCenter and its US parent company, ChosenSecurity, as part of plans to offer trusted identity management services from the cloud. Terms of the transaction, announced Tuesday, were not disclosed. TC TrustCenter provides managed trust services for customers in the financial, car …
John Leyden, 2 Feb 2010
The Register breaking news

Crypto pioneer and security chief exits Sun

Crypto pioneer and Sun Microsystems' veteran chief security officer Whitfield Diffie has left the company, with database-giant Oracle's acquisition still in the air. According to Technology Review, Diffie is slated to be a visiting professor at Royal Holloway, University of London, after 18 years at Sun, latterly in the high- …
Gavin Clarke, 19 Nov 2009
arrow pointing up

OpenPGP presentation bug unscrambled

A flaw in the way encryption programs present data to users makes it possible for a block of unsigned and unencrypted data to appear no different to users from encrypted data in a message. The bug does not stem from a flaw in encryption but in the way in which OpenPGP, the standard for transmitting PGP-encrypted data, is …
John Leyden, 8 Mar 2007

Create a news alert about pki, or find more stories about pki.

Biting the hand that feeds IT © 1998–2017