Skip to content

Overcoming Distrust in CAs Using External Quality Enforcement

Posted by Hagai Bar-El on | Categories: Categories: IT security
| Defined tags for this entry:

A few weeks ago, I wrote about the inherent limitations of the certification model. This model cannot be expected to provide a solution to the binding of entities to public keys, primarily because Certification Authorities (CAs) have no financial incentive in performing thorough investigation on who they issue certificates to; and often on the contrary.

There is probably more than one solution to this problem. Let us examine one of them: External quality enforcement

Continue reading "Overcoming Distrust in CAs Using External Quality Enforcement"

Recommended Podcast: Security Now

Posted by Hagai Bar-El on | Categories: Categories: Podcasts & shows

There are many IT security podcasts out there; too many, perhaps. Certainly too many to listen to. The challenge is to decide on which ones to follow on a regular basis. I became aware of a good candidate a couple of years ago, and since it retained its qualities (listed below) over time, I figured it is worth mentioning.

This podcast is called: “Security Now” and it is featured by Steve Gibson and Leo Laporte. Leo is a good host. He manages the show and its topics well, all in a healthy, joyful, spirit. Steve is a well-known security expert, and the creator of SpinRite — a disk maintenance and recovery tool.

Continue reading "Recommended Podcast: Security Now"