Tim Callan

Chrome's deadline for deprecation of the clientAuth EKU and mTLS in public certificates has moved out. We give you the what, when, and why. https://t.co/C7UwoXqa7Q

It would be easy to believe that the amount of risk posed to the WebPKI by any individual public CA is somehow proportional to the number of active certificates that CA has. This is false, however. In this episode we address this misconception. https://t.co/rQLalJg12F

We recently heard the argument that it's simply too expensive to develop a cryptographically relevant quantum computer. We vehemently disagree. In this episode we explain why. https://t.co/NrzykXzjxw

It's cryptographic Frogger from here on out. The transition to PQC is not just a change in cryptographic algorithms but also a fundamental shift in how we treat our cryptography. IT systems need to be fundamentally crypto agile as never before. https://t.co/55plNgpb9b

Jason describes a recent intrusion almost entirely operated by off-the-shelf AI tools. This is an important milestone in security. We describe its potential consequences. https://t.co/u22rKJioqk

We expand on the concept of trust-now-forge-later to list a whole bevy of additional attacks that eventually will be enabled by cryptographically relevant quantum computers. https://t.co/LKQH8dQe3R

We all love a good manifesto! Jason spells out the ten principles of the Cryptographic Inventory Manifesto, and we discuss. https://t.co/fHeZG7tHJC

We look at the new European DORA and NIS2 regulations and how Certificate Lifecycle Management is a key requirement to meet these requirements. You will be surprised how explicit these requirements are. https://t.co/IpHXLDO3wi

In an innovative application, an AI has been used to find private keys for ECC (Elliptic Curve Cryptography) P 256. We explain how. https://t.co/Bw2IjcWy5n

New research indicates that the number of qubits necessary to achieve cryptographic relevance has reduced by two orders of magnitude. We cover this breaking news and its implications. https://t.co/W4euHlNDHu

By CABF ballot all manual methods of Domain Control Validation (DCV) will be deprecated by 2028. We explain which methods are due for deprecation and when. https://t.co/cqBgS6y0En

We go over the qualities in abstract of a use case that strongly invites the use of hybrid certificates and then run down a list of specific use cases. This includes OT systems, code signing, secure boot, WiFi, enterprise S/MIME, and more. https://t.co/ChVuUXqlRq

In this episode Jason declares that we must make cryptography boring again. We get into what that means and why it matters. https://t.co/o7tKsPpwq9

We have seen much talk of the upcoming drop of maximum TLS term to 200 days, followed by 100 days, and eventually down to 47 days. It happens that all those numbers are too large and the actual maxima will be less than that. We explain. https://t.co/4O7oy5GBz8

March 2026 is due to be the most eventful month in the history of the WebPKI. Join us as we go over all the many changes coming next month. https://t.co/lMBcRlJYXs

A large investment firm divests from Bitcoin for fear of the quantum threat. https://t.co/22TWcAaS7y

Everybody knows about March 15 and the drop in maximum public TLS certificate term to 200 days. But that only scratches the surface on key dates with this maximum term reduction. Join us as we go over "all the dates" for TLS maximum term reduction. https://t.co/kE4fpHvNOr

Every new year on the Root Causes Podcast we make predictions for the year to come, and every year we go back and see how we did. This is the first of two parts scoring our 2025 predictions. https://t.co/Dz1abq0gFb

We discuss the idea that not all cryptographic entropy is equally "random" and potential consequences. https://t.co/l6hUfaYqah