
Sign up to save your podcasts
Or


A recently identified and widespread configuration error has created a situation where, with the wrong attack on certain public roots, certificates could become essentially unrevokable. As a consequence, 14 public CAs will have to revoke their OCSP certificates, many of which are also intermediates, and permanently discontinue use of their keys. That leaves millions of active TLS, S/MIME, code signing, and document signing certificates in need of immediate replacement or they will be distrusted. Join our hosts as they explain what the problem is and what messy cleanup will be required to address these problems.
By Tim Callan and Jason Soroko5
1515 ratings
A recently identified and widespread configuration error has created a situation where, with the wrong attack on certain public roots, certificates could become essentially unrevokable. As a consequence, 14 public CAs will have to revoke their OCSP certificates, many of which are also intermediates, and permanently discontinue use of their keys. That leaves millions of active TLS, S/MIME, code signing, and document signing certificates in need of immediate replacement or they will be distrusted. Join our hosts as they explain what the problem is and what messy cleanup will be required to address these problems.

30,666 Listeners

188 Listeners

2,009 Listeners

1,657 Listeners

369 Listeners

375 Listeners

648 Listeners

1,030 Listeners

8,051 Listeners

313 Listeners

192 Listeners

7,995 Listeners

6,089 Listeners

10,182 Listeners

45 Listeners