The reliability of cryptographic algorithms is largely a matter of conjecture based on track record. Proving security is impaired by the difficulty of formal verification, implementation weaknesses, and failure in randomness.

The first of the five pillars of Certificate Lifecycle Management (CLM) is discovery. While many of your certificates are easily discoverable, some difficult PKI remains.

The UK Online Safety Act intends to force vendors who sell hardware and software to allow the government to scan end-to-end encrypted communication on end devices. We once again marvel at governments seeking to undermine the security of their own citizens.

Google has taken a strong position supporting Merkle Tree Certificates (MTC) as the PQC-enabled future for SSL / TLS. We unpack this extremely important position from the WebPKI's most influential organization.

A new paper from Google Quantum AI and others documents a new technique for breaking ECC, particularly the curve protecting crypto currencies, smart contracts, and blockchain. This accelerates post quantum cryptography (PQC) timelines.

New research suggests that a cryptographically relevant quantum computer is achievable with only 10,000 qubits. This was an important contributor to Google moving its PQC target to 2029.

Google has announced that it is moving its target for full PQC support to 2029. This is a strong statement from one of the most knowledgeable PQC technology companies that the existing 2030 target is too late.

Legacy PKI implementations in the enterprise are holding back technical progress and creating security risk. We discuss reasons why, consequences, and what to do about it.

In our previous episode we defined cryptography as the new geopolitics. Now in our 600th episode we follow up to explain how all cryptographic decisions reflect the social, political, and legal viewpoints of the cryptography's designers.

In the last decade or so, nations around the world have become keenly determined to use cryptography for their own legal, economic, and military advantage. We explore this concept.

A recent CISA report declares that the nation's OT infrastructure is incapable of keeping up with the crypto agility and certificate management needs that modern security demands. We examine this finding.