KEYCHEST and HTTPS automation

KeyChest started as a simple HTTPS monitoring service. It has had its own database of all web certificates for about a year. And it helped issue first real certificates this week.

“Read More”

Security of Sensor Networks (2008)

Category : key management , security

The WINES Infrastructure project deployed wireless sensor networks to monitor large bridges (Humber bridge), tunnels (London Underground), and water systems. Our task in the project was to perform a detailed analysis of security issues in existing hardware and software platforms for wireless sensor networks.

“Read More”

Chrysalis Luna CA3

Category : key management , security

I moved some of the contents from an old website of mine. This is one of a small projects back from my time at the University of Cambridge, where we hacked a Chrysalis Luna CA3, which would now be part of SafeNet HSM portfolio.

“Read More”

Web Encryption – Punishment of SMBs by Tech Giants?

Mandating use of HTTPS / SSL certainly seems to have something in common with security certifications like FIPS140-2 or Common Criteria. Very few understand how it really helps, how complex it is but many already know how costly it can be.

“Read More”

Smartcard Systems Redesigned

We have successfully delivered the first centralized smartcard signing solution about a year ago. From this week, Windows legacy applications can use smart cards in the cloud

“Read More”

KeyChest – Unifying Public and Private Keys

KeyChest has started as an easy to use HTTPS monitoring service. What we are aiming for is a general purpose key management service, which can look after your public as well as internal web encryption keys.

“Read More”

Encryption and Databases Are Actually Similar

We have been building encryption service for a while. I grew up in the world of encryption and many things just came with experience, without being spelled out. Here’s another why I believe in “hardware encryption”.

“Read More”

JSignPdf Now Supports Remote Signing

Category : key management , security

A great news – our CloudFoxy is now supported by JSignPdf 1.6.4. You can now sign PDF with eIDAS compliant smart-cards (or OpenPGP dongles) – zero drivers or configuration on user computers.

“Read More”

Real-Time Certificate Info – 5,560,000,000 KeyChest Index

We have finally completed a GLOBAL certificate look-up table for real-time notifications in our re-designed KeyChest service. KeyChest has been using an external service to check for new certificates. This has become unsustainable due to the number of users and certificates we monitor.

“Read More”

Planning TLS certificate renewals – define a process

This text is about creating a process around planning certificate renewals. As part of our KeyChest re-design, we created a sequence of meaningful checks for TLS certificates to get them always renewed before your web services go down.

“Read More”