Let's Encrypt will begin revoking certain SSL/TLS certificates issued within the last 90 days due to a bug, starting January 28, 2022. The move could impact millions of active Let's Encrypt ...

Major certificate authorities like Apple, Google, and GoDaddy have misissued over 1.2 million TLS certificates that featured an insufficiently long serial number of only 63 bits instead of the ...

Every digital transaction—checkout, login, API call—runs on a hidden foundation of millions of machine identities. Transport Layer Security (TLS) certificates, just one type of machine identity, are ...

The organization behind Let’s Encrypt has moved quickly to fix a vulnerability which could have allowed attackers to obtain certificates for domains they did not own. The Certificate Authority (CA), ...

The Certification Authority Browser Forum has voted to reduce Secure Sockets Layer/Transport Layer Security certificates to 47 days by March 2029, in a move that will radically alter existing security ...

A decision that Apple unilaterally took in February 2020 has reverberated across the browser landscape and has effectively strong-armed the Certificate Authority industry into bitterly accepting a new ...

Wednesday’s discovery of three mis-issued TLS certificates for Cloudflare’s 1.1.1.1 encrypted DNS lookup service generated intense interest and concern among Internet security practitioners. The ...

NSA released the Cybersecurity Information Sheet, “Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique” today, warning network administrators about the risks of using poorly scoped ...

If you are looking to purchase a 2-year TLS or SSL certificate, you have only two days left before all new certificates will have a maximum 397 day validity period. Web browser and operating system ...

Knowing when an SSL/TLS certificate has been issued for a given domain is helpful in giving organizations insight into any potentially mis-issued security certificates. On December 13, Facebook ...