PKI Blog

Top 5 Root CA Key Signing Ceremony Mistakes

Posted by Wayne Harris on Aug 31, 2016 9:03:30 AM

Trust, as it pertains to most components within a Public Key Infrastruture (PKI) is earned. It’s established as the result of some sort of evaluation. An evaluation that often involves a revocation check or policy check.

In the case of the root CA however, trust is *not* earned. In the case of the root CA, trust is assigned. This assigned trust is quite often mandatory from the perspective of subscribers and relying parties.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Root CA Security, Root CA Key Signing Ceremony Mistakes

Let’s Get Physical – Securing Your Enterprise’s Root Certificate Authority

Posted by Max Szaniawski on Jun 1, 2016 10:20:24 AM

Having the privilege to work with some of the best, if not the best PKI and security professionals in the field, I have learned the extreme importance of the practices used in securing the root certification authority (CA) platform. This includes software level security, hardware level security, and physical security.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Securing a root CA, Root CA Security

Broken Trust: Symantec's Untrusted Verisign Root CA

Posted by Michael F. Starke on Dec 18, 2015 4:32:22 PM

Left in the Dark: When the Sun Sets Too Early

The Internet security landscape is constantly changing.  Data drives the decisions that organizations make about their security posture; when that data is incomplete, forecasting the consequences of security changes becomes nearly impossible.  Earlier this month, at the prompting of Symantec Corporation, Google has removed trust for a legacy Verisign CA root certificate from their products including the Android mobile operating system and Chrome web browser.

Read More

Topics: SSL certificate, certificate research, root CA

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?