Why October 1, 2026, could be the day SSL/TLS certificates break the Internet

The 200-day certificate limit starts March 15. Is your organization ready for the fallout?
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains, removal of Client Authentication EKU, and shorter certificate validity periods.

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
NetEye Blog

Abusing trust boundaries between TLS and HTTP

When the access control decision is made at the TLS layer but the routing decision is made at the HTTP layer, you’re ...
Network World

How does certificate-based authentication work?

Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key ...
Infosecurity-magazine.com

Flaw in TLS/SSL Certificates Allows Covert Data Transfer

A new method of covert channel data exchange has been uncovered. It uses a well-known and widely implemented public key certificates standard (X.509), which is a hallmark of both TLS and SSL IP ...
CSOonline

Safely deploying TLS certificates: 5 common mistakes to avoid

A Transport Layer Security (TLS) certificate is a vital part of a balanced security breakfast, but millions of organizations are still eating Frosted Fruity Squiggles (with Extra Sugar inside!) and ...
ZDNet

It's 2018, and network middleware still can't handle TLS without breaking encryption

An academic study published last month shows that despite years worth of research into the woeful state of network traffic inspection equipment, vendors are still having issues in shipping appliances ...