SSL/TLS Review: June 2020

Interesting SSL/TLS discussions — recaps news, trends and opinions from the industry.

Entrust

• Frost & Sullivan Market Report Suggests TLS/SSL Industry Needs to Collaborate Better

CA Security Council

• How to do HTTPS … The Right Way
• Could Quantum Computing Help Stave Off the Next Great Pandemic?

398-day certificate validity

• Google Chrome to Join Apple’s Safari in One Year Certificate Validity
• Apple strong-arms entire CA industry into one-year certificate lifespans
• Apple’ Safari Pushes Entire CA Industry To One-Year Certificate Lifespans Starting September 1
• Google joins Apple in limiting web certificates to one year
• Certificate Lifetimes Reduced to One Year

Expiring CA Certificates

• The mystery of the expiring Sectigo web certificate
• The Impending Doom of Expiring Root CAs and Legacy Clients
• The Complexities of Chain Building and CA Infrastructure

Path Building vs. Path Verifying

• The Chain of Pain
• Implementation Showdown

Bulletproof TLS Newsletter #66

• Expired AddTrust certificate causes trouble

Other News & Notes

• The Register and Lettuce Encrypt, Encrypt We Must: Hobby projects change name after Let’s Encrypt fires off trademark complaints
• Andrew Ayer provides Security Review of CFSSL Signer Code and Writing an SNI Proxy in 115 Lines of Go
• Naked Security advises United States wants HTTPS for all government sites, all the time
• Hashedout writes New Gov Domains to Force HTTPS: HSTS Preloading Will Be Enabled Starting Sept. 1
• Scott Helme discusses Cross-Signing and Alternate Trust Paths; How They Work