The PKI Guy Blog

The PKI Guy explores IoT security with Doug Beattie of GlobalSign

By Mark B. Cooper aka "The PKI Guy" | Jun 11, 2019

Q&A with Doug Beattie, vice president of product management, GlobalSign TPG: Tell us about your scalable encryption. DB: GlobalSign is an identity services company providing cloud-based, highly scalable PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery, and community interactions. Our identity and security solutions enable businesses, large enterprises, cloud-based service providers,…

Read More

The PKI Guy discusses telecommunications with Dr. Charles Clancy of Virginia Tech

By Mark B. Cooper aka "The PKI Guy" | May 8, 2019

Q&A with Dr. Charles Clancy, executive director of Virginia Tech’s Hume Center for National Security and Technology, engineering professor, and author TPG: Tell us how you’re involved in cybersecurity for telecommunications. CC: I have been working at the intersection of cybersecurity and telecommunications for the past 20 years. When I was a PhD student, WiFi…

Read More

New Online PKI Training Courses Are a Deep Dive into Public Key Infrastructure: Critical for IT Security, IoT, 5G, and SHAKEN/STIR

By Mark B. Cooper aka "The PKI Guy" | May 2, 2019

Why Public Key Infrastructure (PKI)? A PKI is the core of IT for enterprises, supporting network authentication, data encryption, code signing and secure email. In addition, in the next two years, 42 percent of Internet of Things (IoT) devices such as temperature sensors, televisions, and smart vehicles will rely primarily on digital certificates for identification…

Read More

The PKI Guy talks enterprise security with Ryan Smith of Futurex

By Mark B. Cooper aka "The PKI Guy" | Apr 23, 2019

Q&A with Ryan Smith, vice president, global business development, Futurex TPG: Tell us about your cryptographic solutions. RS: Futurex is a global manufacturer of FIPS 140-2 Level 3 and PCI HSM validated hardware security modules and enterprise security applications. At a high level, our focus is on three areas: cryptographic processing, key and certificate management,…

Read More

Certutil Bug in Windows Server 2016 Fails to Enumerate Issuance, Application Policies and OIDs

By Mark B. Cooper aka "The PKI Guy" | Apr 2, 2019

Recently one of our colleagues at nCipher in England related to us an issue reported by one of its customers using the certutil -verify -urlfetch command against an issued end-entity certificate on Windows Server 2016 (Build 1607). Running the command with no extra options, the command indicates a failure in the output (see figure below).…

Read More

PKI Glossary of Terms

By Mark B. Cooper aka "The PKI Guy" | Apr 1, 2019

Over the course of Public Key Infrastructure (PKI) design, implementation, and management, you will encounter many terms and acronyms that are defined in this document. The biggest part of the PKI implementation process is meeting with the stakeholders to ask and answer questions about where things are, how they work, what they struggle with today,…

Read More

The PKI Guy explores data encryption with Cindy Provin of nCipher Security

By Mark B. Cooper aka "The PKI Guy" | Mar 29, 2019

Q&A with Cindy Provin, CEO, nCipher Security TPG: There has been lots of news lately about your company being acquired by Entrust Datacard. What’s the latest with nCipher Security? CP: nCipher Security is a separate company within Thales. nCipher has been operating as a separate stand-alone business within Thales since January 2019.  We continue to…

Read More

Find @ThePKIGuy at RSA Conference 2019

By Kelly Stremel | Mar 1, 2019

We thought we would have a little fun at RSA this year, with a bit of sleuthing and a cool giveaway courtesy of The PKI Guy! Maybe you need a deep-dive into Public Key Infrastructure (PKI) and Active Directory Certificate Services (ADCS) to take your PKI skills to the next level? PKI Solutions will soon…

Read More

The PKI Guy drills down on PKI operations with Jeff Stapleton, author

By Mark B. Cooper aka "The PKI Guy" | Feb 13, 2019

Q&A with J.J. Stapleton, co-author of Security without Obscurity: A Guide to PKI Operations

TPG: What practical advice do you have for an organization considering deploying a PKI solution?

JS: There are various PKI architectures to consider. An internal private PKI deployed wholly within the organization, a hosted private PKI deployed at a third-party service provider, or an external public PKI operated by a commercial third party. Each has pros and cons…

Read More