December 24, 2024

Archives for 2013

Turktrust Certificate Authority Errors Demonstrate The Risk of "Subordinate" Certificates

Update: More details have continued to come out, and I think that they generally support the less-paranoid version of events. There continues to be discussion on the mozilla.dev.security.policy list, Turktrust has given more details, and Mozilla has just opened up for public viewing their own detailed internal response documentation (including copies of all of the […]

Report on the NSF "Secure and Trustworthy Cyberspace" PI meeting

The National Science Foundation (NSF) Secure and Trustworthy Cyberspace (SaTC) Principal Investigator Meeting (whew!) took place Nov. 27-29, 2012, at the Gaylord Hotel just outside Washington, DC.  The SaTC program is NSF’s flagship for cybersecurity research, although it certainly isn’t the only NSF funding in this area.  The purpose of this blog posting is to […]