RSASSA-PSS – Why Your Certificate Can’t Be Validated
A common theme has been arriving in my email box lately as well as many online forums. Consistently people are reporting error with certificates issued by their internal Microsoft ADCS based CAs. Problems range from Apple devices, Firefox, appliances and many other systems. When people examine their certificates they see that their certificates are SHA […]
Cyber Attacks, Code Signing, and the Digital Supply Chain
Hello again! Welcome to my second blog. Going to shift gears a bit from my personal PKI journey to discuss cyber-attacks. With the recent SolarWinds and Colonial Pipeline incidents, cyber-attacks have been dominating the news. These are just two of the latest in a string of attacks that are becoming all too frequent. These assaults present a […]
Certificate Template Request Hash – The Real Story
With a lot of focus on moving from SHA1 to SHA256, one question that I get a lot of is how to get certificates issued with SHA256. The short answer is that a CA signs everything is creates with a single hash signature algorithm. There is no mechanism that enables per-template based signature hash specification. […]
Are You Preparing for Quantum?
Quantum supremacy is looming…some year in the future. However, contrary to what you may have heard, the advent of quantum computing won’t spell the end to encryption as we know it. That is, if enterprises take the necessary steps to prepare for a post-quantum future. Enterprises must begin the process of assessing their current systems, […]
Announcing the Online PKI Assessmental Portal
Editor’s Note (2025 Update): The Online PKI Assessment Portal is no longer offered. Its capabilities have evolved into PKI Spotlight—a modern platform designed to give you continuous visibility into the health and security of your PKI. If you’re considering an assessment today, Spotlight is where to start. Contact us to learn how you can get […]