Tag: certificate authority
-
The Register: Let’s Encrypt rolls out free security certs for IP addresses
Source URL: https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/ Source: The Register Title: Let’s Encrypt rolls out free security certs for IP addresses Feedly Summary: You probably don’t need one, but it’s nice to have the option Let’s Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.… AI Summary and Description:…
-
Slashdot: AWS Forms EU-Based Cloud Unit As Customers Fret
Source URL: https://slashdot.org/story/25/06/03/2024222/aws-forms-eu-based-cloud-unit-as-customers-fret?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AWS Forms EU-Based Cloud Unit As Customers Fret Feedly Summary: AI Summary and Description: Yes Summary: The establishment of the AWS European Sovereign Cloud (ESC) reflects growing European concerns regarding data sovereignty and trust in American tech companies. This initiative highlights AWS’s commitment to strong local controls, privacy, and…
-
The Register: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
Source URL: https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/ Source: The Register Title: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps Feedly Summary: 10 other certificates ‘were mis-issued and have now been revoked’ Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without authorization, digital certs for…
-
Cloud Blog: Windows Remote Desktop Protocol: Remote to Rogue
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol/ Source: Cloud Blog Title: Windows Remote Desktop Protocol: Remote to Rogue Feedly Summary: Written by: Rohit Nambiar Executive Summary In October 2024, Google Threat Intelligence Group (GTIG) observed a novel phishing campaign targeting European government and military organizations that was attributed to a suspected Russia-nexus espionage actor we track as UNC5837. The…
-
Hacker News: Offline PKI using 3 Yubikeys and an ARM single board computer
Source URL: https://vincent.bernat.ch/en/blog/2025-offline-pki-yubikeys Source: Hacker News Title: Offline PKI using 3 Yubikeys and an ARM single board computer Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the implementation of an offline Public Key Infrastructure (PKI) system using YubiKeys and an air-gapped environment, enhancing security against network threats. This approach is particularly…
-
NCSC Feed: Provisioning and securing security certificates
Source URL: https://www.ncsc.gov.uk/guidance/provisioning-and-securing-security-certificates Source: NCSC Feed Title: Provisioning and securing security certificates Feedly Summary: How certificates should be initially provisioned, and how supporting infrastructure should be securely operated. AI Summary and Description: Yes Summary: The text discusses the implementation and management of X.509v3 certificates and Public Key Infrastructure (PKI) necessary for securing communications in networks.…
-
Hacker News: Certificate Transparency in Firefox: A Big Step for Web Security
Source URL: https://blog.transparency.dev/ct-in-firefox Source: Hacker News Title: Certificate Transparency in Firefox: A Big Step for Web Security Feedly Summary: Comments AI Summary and Description: Yes Summary: The implementation of Certificate Transparency (CT) enforcement in Firefox marks a significant advancement in web security, enhancing protection against certificate fraud and man-in-the-middle attacks. This change demands compliance from…
-
Hacker News: Setting up a trusted, self-signed SSL/TLS certificate authority in Linux
Source URL: https://previnder.com/tls-ca-linux/ Source: Hacker News Title: Setting up a trusted, self-signed SSL/TLS certificate authority in Linux Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides a detailed technical guide on generating self-signed TLS certificates using OpenSSL and creating a custom Certificate Authority (CA) for local use, particularly for testing purposes. It…
-
Hacker News: Disabling cert checks: we have not learned much
Source URL: https://daniel.haxx.se/blog/2025/02/11/disabling-cert-checks-we-have-not-learned-much/ Source: Hacker News Title: Disabling cert checks: we have not learned much Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the critical significance of certificate verification in SSL/TLS communication, particularly highlighting the history and evolution of the curl and libcurl libraries in handling SSL verification. It emphasizes the…
-
Hacker News: PostgreSQL Support for Certificate Transparency Logs Now Available
Source URL: https://blog.transparency.dev/postgresql-support-for-certificate-transparency-logs-released Source: Hacker News Title: PostgreSQL Support for Certificate Transparency Logs Now Available Feedly Summary: Comments AI Summary and Description: Yes Summary: The recent integration of PostgreSQL as a storage backend for the Trillian certificate transparency ecosystem enhances data integrity and reliability for log operators. This shift, motivated by previous log failures, allows…