最高の Pki ポッドキャスト (2025)

1
Root Causes 489: Does AI Nullify E2EE? 12:04

22h ago12:04

12:04

Does AI kill end-to-end encryption? There is a contention that the presence of AI agents in the workstream will render your confidential information visible outside the encrypted communication channels and therefore that E2EE is pointless. We explore this argument.Tim Callan and Jason Soroko による

1
Root Causes 488: CABF Face-to-Face Meeting Update 5:37

3d ago5:37

5:37

We explain the major news items from the most recent CA/Browser Forum face-to-face meeting in Tokyo. Topics include MPIC, 47-day certificate term, and Temporary Restraining Orders.Tim Callan and Jason Soroko による

1
Root Causes 487: Security 2030 46:40

9d ago46:40

46:40

Jason and I take a peek forward at what we imagine IT security looks like in 2030. Topics include PQC, ZTNA, "green zones," deep fakes, IoT, connected cars, agentic AI, blockchain, and CLM.Tim Callan and Jason Soroko による

1
Root Causes 486: 47-day Maximum Term Ballot Passes CABF 11:11

11d ago11:11

11:11

Apple's ballot to step the maximum term for public SSL certificates down to 47 days has passed in the CA/Browser Forum. We explain.Tim Callan and Jason Soroko による

1
Root Causes 485: What Is Open MPIC? 20:28

12d ago20:28

20:28

Guest Dmitry Sharkov joins us to describe Open MPIC, the open-source project to help public CAs support MPIC.Tim Callan and Jason Soroko による

1
Root Causes 484: Multi Good Factor Authentication 12:46

16d ago12:46

12:46

We define multi good factor authentication, which is the idea that not all authentication factors are equal. We discuss the importance of considering authentication strength and the contextual nature of trust.Tim Callan and Jason Soroko による

1
Root Causes 483: Introducing the PQC Sandbox 22:40

18d ago22:40

22:40

We are joined by repeat guest Bruno Coulliard of Crypto4A to introduce Sectigo's new post quantum cryptography (PQC) sandbox. The PQC sandbox allows you to get quantum resistant certificates in your hands to understand how they work with your systems.Tim Callan and Jason Soroko による

1
Root Causes 482: Microsoft and PQC 14:38

23d ago14:38

14:38

In this episode we explore the potential PQC future for Microsoft Active Directory Certificate Services, aka MSCA. We discuss potential paths for Microsoft to take and their consequences.Tim Callan and Jason Soroko による

1
Root Causes 481: What Is Protocol Ossification? 11:49

25d ago11:49

11:49

Protocol ossification is the phenomenon whereby ecosystems fail to work correctly with the full range of options included in a protocol. This occurs when individual software components only partially support the capabilities that should be available. We define protocol ossification, explain how and why it occurs, give real world examples, and talk …

1
Root Causes 480: White House PQC Executive Order 10:22

1M ago10:22

10:22

Many people believe that the Trump White House rescinded an important cybersecurity executive order from late days of the Biden administration. We set the record straight.Tim Callan and Jason Soroko による

1
Root Causes 479: AI Adversarial Machine Learning 13:10

1M ago13:10

13:10

In this episode we discuss the thinking on how adversaries can exploit the flaws in AI models to achieve unexpected and dangerous results. We explore some potential paths of defense against attacks of this sort.Tim Callan and Jason Soroko による

1
Root Causes 478: Should We All Switch from RSA to ECC? 16:01

1M ago16:01

16:01

RSA is under attack. Even without the quantum threat, we face the possibility of smart new exploits reducing the viable RSA key space and rendering it unsafe. In this episode we discuss the merits of choosing ECC over RSA as soon as today.Tim Callan and Jason Soroko による

1
Root Causes 477: Comparative Security Philosophies 17:51

1M ago17:51

17:51

We discuss how various popular computing platforms approach security and highlight the differences between them.Tim Callan and Jason Soroko による

1
Root Causes 476: The Need for Security KPIs 16:34

2M ago16:34

16:34

Jason recounts a 2024 Black Hat talk about the need for objective measurements of our IT defenses and whether the good guys or bad guys are winning. Jason breaks down how to define and measure the impact of security measures.Tim Callan and Jason Soroko による

1
Root Causes 475: Can Your AI Scheme Against You? 15:56

2M ago15:56

15:56

It's the stuff of science fiction! Interesting research shows how today's AI technology is capable of lying to and scheming against its human owners in service of its goals.Tim Callan and Jason Soroko による

1
Root Causes 474: Explaining Shor's Algorithm 21:12

2M ago21:12

21:12

We talk a lot about Shor's Algorithm in our discussion of post quantum cryptography (PQC). In this episode Jason explains Shor's algorithm for non-quantum physicists.Tim Callan and Jason Soroko による

1
Root Causes 473: Does Security Software Lack Creativity? 10:08

2M ago10:08

10:08

Jason reports on a 2024 Black Hat keynote about how modern software development practices inhibit innovation and invention.Tim Callan and Jason Soroko による

1
Root Causes 472: AI Offensive Modeling 11:14

2M ago11:14

11:14

AI tools are now available to perform red-teaming activity for DevSecOps. Such tools are soon to be table stakes in the constantly escalating IT security arms race. Join us to learn more.Tim Callan and Jason Soroko による

1
Root Causes 471: ACME for PQC 21:28

2M ago21:28

21:28

In this episode, guest Alexandre Giron explains what is needed to support post quantum cryptography (PQC) with ACME.Tim Callan and Jason Soroko による

1
Root Causes 470: The MFA False Equivalency Fallacy 11:53

2M ago11:53

11:53

Not all forms of MFA are equally secure. In this episode we describe the differences between the more secure and less secure forms of MFA.Tim Callan and Jason Soroko による

1
Root Causes 469: The All or Nothing Fallacy in Cybersecurity 7:14

2M ago7:14

7:14

In this episode we explain the all-or-nothing fallacy in cybersecurity and how it's affecting debate in the WebPKI right now.Tim Callan and Jason Soroko による

1
Root Causes 468: UK Demands New Backdoor from Apple 10:25

2M ago10:25

10:25

A new demand from the UK seeks complete access to all Apple cloud data housed in the UK, regardless of the data owners' citizenship and residency. We unpack this latest development in Government versus Encryption.Tim Callan and Jason Soroko による

1
Root Causes 467: Decoupling Public from Private Use Cases 9:41

2M ago9:41

9:41

The past year has seen a great deal of focus on the use of public TLS certificates where private root certificates are actually the appropriate solution. In this episode we discuss the differences between these two use cases and what IT organizations can do about it.Tim Callan and Jason Soroko による

1
Root Causes 466: Apple Moves 47-day Ballot to CABF Vote 31:21

2M ago31:21

31:21

Apple is proceeding with a ballot that eventually will shorten SSL certificate maximum term to 47 days. Accompanying the ballot, Apple released a statement explaining its intent with the ballot. In this episode we unpack its statements.Tim Callan and Jason Soroko による

1
Root Causes 465: Twelve Bugzilla Sins for CAs to Avoid 42:49

3M ago42:49

42:49

In the wake of the Bugzilla Bloodbath, we list and describe twelve sins CAs commit on Bugzilla and its like, why they're detrimental, and how CAs should avoid them.Tim Callan and Jason Soroko による

1
Root Causes 464: Defending Against Harvest and Decrypt 9:49

3M ago9:49

9:49

Harvest and decrypt is a well-known attack vector against traditional cryptography prior to PQC. In this episode, we discuss what enterprises should be doing today to defend themselves against harvest and decrypt.Tim Callan and Jason Soroko による

1
Root Causes 463: Cellular Networks Are Insecure 12:21

3M ago12:21

12:21

In this episode we explain that all cellular networks, contrary to popular belief, are fundamentally insecure.Tim Callan and Jason Soroko による

1
Root Causes 462: Crypto War 3.0 22:17

3M ago22:17

22:17

In this episode we walk through the evolution of the war on cryptography, from the beginning up through today, terminating in what we call Crypto War 3.0.Tim Callan and Jason Soroko による

1
Root Causes 461: Sectigo Acquires Entrust Public CA Business 10:28

3M ago10:28

10:28

Sectigo today announced the acquisition of the Entrust public CA business. Entrust will go forward as a Sectigo reseller. Join us to learn the details.Tim Callan and Jason Soroko による

1
Root Causes 460: The State of PQC with Michele Mosca 31:48

3M ago31:48

31:48

In this episode we are joined by Dr. Michela Mosca. We discuss his pioneering work identifying the need for post-quantum cryptography, where PQC stands today, and what the future may hold.Tim Callan and Jason Soroko による

1
Root Causes 459: 2024 Lookback - Shortening Certificate Lifespans & DCV 12:20

3M ago12:20

12:20

2024 set in motion major changes for certificate lifespans and DCV. In this episode we discuss the Apple 47-day proposal, stepping down certificate term, public versus private CA use cases, DCV reuse periods, MPIC, WHOIS, and other topics.Tim Callan and Jason Soroko による

1
Root Causes 458: Apple Extends Entrust Distrust to SMIME and VMC 8:47

3M ago8:47

8:47

Apple has added itself to the Entrust distrust and has extended this distrust to S/MIME and VMC. We explain.Tim Callan and Jason Soroko による

1
Root Causes 457: 2024 Lookback - Guests 11:26

3M ago11:26

11:26

We had a remarkable year on the Root Causes podcast in terms of our guests. We look back at the extremely expert guests we were lucky to talk about in 2024.Tim Callan and Jason Soroko による

1
Root Causes 456: 2024 Lookback - Bugzilla Bloodbath 11:24

3M ago11:24

11:24

In this 2024 lookback episode, we give an overview of the firestorm of Bugzilla incidents that we refer to as the Bugzilla Bloodbath. The Bugzilla Bloodbath affected actions around the Entrust distrust, delayed revocation reform, 47-day SSL certificate maximum term, linting, and more.Tim Callan and Jason Soroko による

1
Root Causes 455: PQC Standardization in IETF 35:54

4M ago35:54

35:54

We talk with guest Sofia Celi of Brave Browser, who leads the IETF PQC standardization effort, about the process of setting standards for PQC-compatible digital certificates. We learn about expected timelines, hybrid strategies, the NIST PQC onramp's role, and more.Tim Callan and Jason Soroko による

1
Root Causes 454: 2024 Lookback - Post quantum cryptography (PQC) 7:45

4M ago7:45

7:45

2024 was an eventful year for post quantum cryptography (PQC). This includes FIPS standards, the PQC onramp, and the dawn of widespread interest among IT professionals.Tim Callan and Jason Soroko による

1
Root Causes 453: It Turns Out Monkeys Couldn't Type Shakespeare After All 14:12

4M ago14:12

14:12

The old adage states that a monkey in front of a keyboard, given enough time, could randomly type the works of Shakespeare. Apparently, someone ran the numbers and said not so much. We break it down and explain why we're discussing this on a PKI podcast.Tim Callan and Jason Soroko による

1
Root Causes 452: 2024 Predictions Scorecard 10:38

4M ago10:38

10:38

We go over our predictions for 2024 and score our ability as prognosticators.Tim Callan and Jason Soroko による

1
Root Causes 451: A Year in CABF Ballots 34:48

4M ago34:48

34:48

It was a crazy year for CA/Browser Forum activity, with nearly three times the normal number of ballots. Guest Martijn Katerbarg goes over the 32 CABF ballots from 2024.Tim Callan and Jason Soroko による

1
Root Causes 450: 2025 Predictions 48:29

4M ago48:29

48:29

We make our 2025 predictions. Topics include maximum certificate term, AI, post-quantum cryptography (PQC), deep fakes, and more.Tim Callan and Jason Soroko による

1
Root Causes 449: What Is a Quantum-safe HSM? 23:48

4M ago23:48

23:48

Repeat guest Bruno Coulliard of Crypto4A joins us to define a quantum-safe (or PQC enabled) hardware security module.Tim Callan and Jason Soroko による

1
Root Causes 448: The Privilege of Being a Public CA 25:39

4M ago25:39

25:39

We go over Tim's September 2024 keynote speech at ENISA CA Day, "The Privilege of Being a Public CA."Tim Callan and Jason Soroko による

1
Root Causes 447: NIST Deprecates RSA-2048 and ECC 256 13:46

4M ago13:46

13:46

As part of its post-quantum cryptography (PQC) initiative NIST has released a draft deprecating RSA-2048 and ECC 256 by 2030 and disallowing them by 2035. We get into the details.Tim Callan and Jason Soroko による

1
Root Causes 446: Sectigo Assumes Five CABF Offices 13:20

4M ago13:20

13:20

Tim has stepped into the position of vice-chair of the CA/Browse Forum, and Sectigo now holds five chair or vice-chair positions in that body. We explain how leadership is chosen, the offices Sectigo holds today, and some of our vision for CABF in the next two years.Tim Callan and Jason Soroko による

1
Root Causes 445: Seven Reasons to Shorten Certificate Lifespans 27:56

5M ago27:56

27:56

We take a deep dive into the seven reasons shorter certificate lifespans are better.Tim Callan and Jason Soroko による

1
Root Causes 444: What Happens to the WebPKI if Google Sells Chrome? 19:25

5M ago19:25

19:25

We discuss how a potential break of Chrome from Google would affect the WebPKI. We look at product changes, resourcing, post-quantum cryptography (PQC), innovation, moonshot initiatives, and other public CAs.Tim Callan and Jason Soroko による

1
Root Causes 443: Is MSCA Going Away? 13:22

5M ago13:22

13:22

In this episode we discuss the challenges for enterprises using Microsoft Active Directory Certificate Services (ADCS).Tim Callan and Jason Soroko による

1
Root Causes 442: Apple Proposal to Reduce SSL Lifespan Updated 22:13

5M ago22:13

22:13

Apple has published an updated draft to its proposal for shortening the lifespan of SSL certificates, including a final maximum term of 47 rather than 45 days. We explain.Tim Callan and Jason Soroko による

1
Root Causes 441: New White House Initiative Targets BGP 14:52

5M ago14:52

14:52

A new White House initiative requires that federal agencies need to create plans to thwart BGP attacks. We discuss, including Resource PKI (RPKI) and Multi-Perspective Issuance Corroboration (MPIC).Tim Callan and Jason Soroko による

1
Root Causes 440: Public Key Directories 12:57

5M ago12:57

12:57

We talk about public key directories and complicating factors such as Tailscale, VPN, TOR, Cloudflare, and Zero Trust.Tim Callan and Jason Soroko による

聞く価値のあるポッドキャスト

ポッドキャスト Pki

聞く価値のあるポッドキャスト

クイックリファレンスガイド