Bruce Morton

Have worked in the public key infrastructure and digital certificate since 1997 and have focused on SSL and public trust certificates since 2005. Am an active member of the CA/Browser Forum and the CA Security Council. Always looking for new items to blog to certificate users. http://www.entrust.com/author/bruce-morton/. Also have interests in locally brewed beverages, a cure for TTP and God's country up the Ottawa Valley.

Bruce Morton
flipped into SSL, TLS and HTTPS
Using Caddy with Google Trust Services | UNMITIGATED RISK
unmitigatedrisk.com - rmhrisk
Caddy is a powerful and easy-to-use web server that can be configured to use a variety of certificate authorities (CA) to issue SSL/TLS certificates. …
Bruce Morton
flipped into SSL, TLS and HTTPS
SSL Review: November 2022 - Entrust Blog
entrust.com - Bruce Morton
The Entrust monthly SSL review covers TLS/SSL discussions — recaps, news, trends, and opinions from the industry. Entrust Trust Service Forum …
Bruce Morton
flipped into SSL, TLS and HTTPS
SSL Review: December 2022 - Entrust Blog
entrust.com - Bruce Morton
The Entrust monthly SSL review covers SSL/TLS discussions — recaps, news, trends, and opinions from the industry. Entrust Hardenize advises states …
ZeroSSL: XSS leading to session hijacking, stealing a private key (and a password hash)
Bruce Morton
flipped into SSL, TLS and HTTPS
ZeroSSL: XSS leading to session hijacking, stealing a private key (and a password hash)
google.com
Michal Špaček Jan 19, 2023, 12:06:09 PM (22 hours ago) Jan 19 to CCADB Public Hi all, I've discovered a Cross-Site Scripting (XSS) vulnerability at …
Breaking RSA with a Quantum Computer
Bruce Morton
flipped into SSL, TLS and HTTPS
Breaking RSA with a Quantum Computer
schneier.com - Bruce Schneier
A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is …
The SSL Certificate Issuer Field is a Lie
Bruce Morton
flipped into SSL, TLS and HTTPS
The SSL Certificate Issuer Field is a Lie
agwa.name - Andrew Ayer
A surprisingly hard, and widely misunderstood, problem with SSL certificates is figuring out what organization (called a certificate authority, or CA) …