RSA CONFERENCE 2012 -- San Francisco, Calif. -- The way that browsers perform SSL certificate-revocation checking is so fundamentally flawed that some browser vendors have turned it off altogether, ...

As part of its response to the Flame malware and its usage of a forged Microsoft certificate to sign malicious files, Microsoft has changed the way that Windows handles certificates, releasing an ...

This article was originally published on Scott Helme’s blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as ...

Google's Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company's top engineers compared it to seat belts that break ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

Certificates need to be revoked for all sorts of reasons, but the process is so slipshod, some propose an entirely new system. Why not just enforce existing rules instead? As much as I love public key ...

Having your computer check for certificate revocation on a server tells you if the certificate being used has been revoked by the certificate authority before it was set to expire. Internet Explorer ...

Several CAs (Certificate Authorities) have formed an advocacy group called the CASC (Certificate Authority Security Council), which will focus on promoting new security standards, policies and best ...

Google’s Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company’s top engineers compared it to seat belts that break ...