Root Causes: A PKI and Security Podcast
13 minutes | Aug 29, 2021
Root Causes 181: Limitation of DCV Through Web Site Changes
This December will see a meaningful change in how CAs are allowed to conduct Domain Control Validation (DCV) using the method known as https token or file authentication or agreed-upon change to web site. This method will be removed as an option for "domain spaces" including wildcards and subdomains. Join our hosts as they explain how DCV works and how the rules are changing and why. And we clarify the available options for those changing their preferred DCV methods.
12 minutes | Aug 26, 2021
Root Causes 180: PetitPotam MSCA Attack
The PetitPotam attack against Microsoft CA has garnered a lot of attention. Our hosts describe this attack and define related terms like Mimikatz, pass-the-hash, and NTLM Relay. The episode goes on to give a roadmap for mitigating this attack, including free resources available to help defend against PetitPotam.
14 minutes | Aug 23, 2021
Root Causes 179: Standards for Certificates Apart from SSL
Regular followers of this podcast hear a great deal about SSL, the CA/Browser Forum, and the standards governing public SSL. But SSL is not the only regulated type of public digital certificate. There are also things like S/MIME, eIDAS, code signing, document signing, and SSH certificates. In this episode our hosts discuss these "other" certificate types and the rules and regulations governing them.
14 minutes | Aug 20, 2021
Root Causes 178: Stealing Cryptocurrency
In this episode our hosts go through the various ways in which cryptocurrency can be stolen or lost, including private key compromise, security failures at cryptocurrency brokers, and theft of login credentials. Our hosts also discuss how manipulation of the public ledger could lead to unfair distribution of cryptocurrency value.
20 minutes | Aug 9, 2021
Root Causes 177: What Is Passwordless?
A hot, new topic in the identity space is passwordless. Join our hosts as they explain credential form factors and offer a specific definition of passwordless, including the difference between PINs and passwords.
27 minutes | Aug 5, 2021
Root Causes 176: Introducing State-Locality Exclusivity
Sectigo is implementing an important change to its public-facing SSL certificate business, which we call State-Locality Exclusivity. This change removes the localityName field, a very common field in SSL certificates. In this episode our hosts explain what the localityName field is, why we are removing it, and how this change is to the benefit of SSL Subscribers and Relying Parties.
21 minutes | Aug 2, 2021
Root Causes 175: What Is a Linter?
Linters have been a standard programming tool for more than four decades. This venerable coding tool has recently taken on new significance in the world of public certificates. In this episode our hosts explain linters and how they are applied to SSL certificates.
17 minutes | Jul 27, 2021
Root Causes 174: Windows 11 and TPMs
Microsoft has announced that its upcoming Windows 11 release will require TPM 2.0 support at a minimum. TPM 2.0 enables more modern hashing and encryption algorithms than previous versions. Our hosts discuss the implications of this announcement.
18 minutes | Jul 22, 2021
Root Causes 173: Whitelisting and Blocklisting
Whitelisting and blocklisting are tried and true elements of the computer industry. In this episode our hosts define whitelisting and blocklisting and the pros and cons of either, with lots of examples from the real world. We discuss fuzzy entities, the scaling problem, layered defenses, and the trouble with active attackers.
16 minutes | Jul 13, 2021
Root Causes 172: What Is an NFT?
If you have paid any attention at all to popular media in the past few months, you will have heard about non-fungible tokens, or NFTs. NFTs are a method of uniquely identifying a digital asset using blockchain technology, and they are big news in the art and media world. Join our hosts as they explain the difference between fungible and non-fungible tokens, how NFTs work, and the significance of publicly asserting ownership for digital files.
22 minutes | Jul 8, 2021
Root Causes 171: The Off-by-One-Second Problem
Today our hosts explore an esoteric but important error in public certificates that we call the off-by-one-second problem. We explain this problem, how it occurs, and its broader implications.
19 minutes | Jul 1, 2021
Root Causes 170: Why Is Canada So Good at Cryptography?
In celebration of Canada Day, our hosts discuss why Canada in particular offers a disproportionately large contribution to cryptography. We examine historic reasons and the real-world consequences of Canada being a center for cryptographic excellence.
24 minutes | Jun 25, 2021
Root Causes 169: Bitcoin and the Anonymity Fallacy
In the developing story of the Colonial pipeline ransomware attack, the FBI recently recovered the ransom money, which had been paid in Bitcoin. In this episode we talk about how this recovery might have occurred.
19 minutes | Jun 21, 2021
Root Causes 168: The Difference Between e-Signing and Digital Signing
In our technology discussions we frequently run into confusion about the relationship between electronic document signing and digital document signing. Despite the similarity in names, they are entirely different technological approaches to providing trustworthy electronic signed documents. In this episode we explain the two terms, their distinct definitions, and some of the pros and cons of each approach.
20 minutes | Jun 15, 2021
Root Causes 167: Colonial Pipeline Ransomware Attack
The recent ransomware attack against the Colonial pipeline has captured the news cycles in recent weeks. In this first episode of two, our hosts begin to unpack what is known about this attack and how digital identity and PKI fit in.
10 minutes | Jun 7, 2021
Root Causes 166: The Trouble with OU Fields
Of all aspects of public SSL certificates, few are as controversial as the OU field. Standing for Organizational Unit, this field is beloved by a few enterprises and hated by security watchers. It's also under fire in the CA/Browser Forum. Join our hosts as they explain the history of the OU field and why it's an industry flashpoint, including their predictions for the future of the OU field.
27 minutes | Jun 2, 2021
Root Causes 165: Blockchain - Proof of Work Versus Proof of Stake
In our ongoing examination of blockchain, we define proof of work and proof of stake as consensus algorithms for updating the public ledger. We explain their differences and get into the problems with proof of work and the reasons proof of stake is emerging as a promising new consensus algorithm. We touch on the consequences of these algorithms on other aspects of society as well.
11 minutes | May 20, 2021
Root Causes 164: Examining MFA Through out-of-Band Phone Calling
In our ongoing series of episodes on MFA, we explore the plusses and minuses of out-of-band phone calling. Our hosts explain how this form of MFA works, what attacks it defends against successfully, and what attacks can circumvent it.
13 minutes | May 12, 2021
Root Causes 163: What Puts the I in PKI?
PKI stands for Public Key Infrastructure. In this episode we focus on the word infrastructure. Our hosts discuss the key qualities of credential form factors, how they are separate and distinct from the infrastructure surrounding them, and the minimum capabilities necessary to refer to a public-private key system as PKI.
14 minutes | Apr 21, 2021
Root Causes 162: What Is Sideloading?
In a recent interview Tim Cook took a strong stance against application sideloading as a danger to mobile devices. In this episode we explain sideloading, its potential dangers, and the underlying motivators behind the sideloading debate.
© Stitcher 2021