As part of its response to the Flame malware and its usage of a forged Microsoft certificate to sign malicious files, Microsoft has changed the way that Windows handles certificates, releasing an ...

Everyone's talking about it: The Great Certificate Revocation Storm of 2014. Because of the Heartbleed bug, a very large number of SSL/TLS web sites need to revoke and reissue their certificates. The ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

The next version of Mozilla Firefox will include a new certificate revocation list that will speed up and streamline the process of revoking intermediate certificates trusted by the browser. The new ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

2014 seems to be the year of the great certificate revocation debate. Revocation was always a sore subject with cryptoheads, but the noise level on the issue shot up to 11 this spring with the news of ...

Google's Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company's top engineers compared it to seat belts that break ...

This article was originally published on Scott Helme's blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as ...

Oracle addressed 40 security issues in Java and enabled online certificate revocation checking by default in its scheduled critical patch update for Java on Tuesday. Thirty-four vulnerabilities ...

Certificates need to be revoked for all sorts of reasons, but the process is so slipshod, some propose an entirely new system. Why not just enforce existing rules instead? As much as I love public key ...