Everyone's talking about it: The Great Certificate Revocation Storm of 2014. Because of the Heartbleed bug, a very large number of SSL/TLS web sites need to revoke and reissue their certificates. The ...

RSA CONFERENCE 2012 -- San Francisco, Calif. -- The way that browsers perform SSL certificate-revocation checking is so fundamentally flawed that some browser vendors have turned it off altogether, ...

As part of its response to the Flame malware and its usage of a forged Microsoft certificate to sign malicious files, Microsoft has changed the way that Windows handles certificates, releasing an ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

This article was originally published on Scott Helme’s blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as ...

Google's Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company's top engineers compared it to seat belts that break ...

Having your computer check for certificate revocation on a server tells you if the certificate being used has been revoked by the certificate authority before it was set to expire. Internet Explorer ...

Certificates need to be revoked for all sorts of reasons, but the process is so slipshod, some propose an entirely new system. Why not just enforce existing rules instead? As much as I love public key ...

Several CAs (Certificate Authorities) have formed an advocacy group called the CASC (Certificate Authority Security Council), which will focus on promoting new security standards, policies and best ...

Google’s Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company’s top engineers compared it to seat belts that break ...