Root Causes: A PKI and Security Podcast


Digital certificate industry veterans Tim Callan and Jason Soroko explore the issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic and evolving computing world. Best practices in digital certificates are continually under pressure from technology trends, new law…

Tim Callan and Jason Soroko


    • Jun 19, 2025 LATEST EPISODE
    • weekdays NEW EPISODES
    • 17m AVG DURATION
    • 508 EPISODES



    Latest episodes from Root Causes: A PKI and Security Podcast

    Root Causes 507: First Distrust of 2025

    Jun 19, 2025 9:32


    The first CA distrust event of 2025 comes with two simultaneous CA distrusts. We give you the details.

    Root Causes 506: Recap of CABF Face-to-face #65

    Jun 17, 2025 8:53


    For the first time ever, Jason and I record an episode from the floor of the CA/Browser Forum face-to-face meeting. We recap the themes of this meeting, and Jason gives his first impressions of a CABF Face-to-face.

    Root Causes 505: Trust Now, Forge Later

    Jun 13, 2025 10:33


    In this episode we explain the potential for future quantum computers to break files signed today with RSA or ECC, called "Trust now, forge later."

    Root Causes 504: Jason Programs a Quantum Computer

    Jun 10, 2025 17:48


    Jason describes his recent experience using Amazon Braket.

    Root Causes 503: What Are Hybrid and Composite PQC?

    Jun 6, 2025 8:03


    We explain the difference between two strategies of PQC implementation, which we call hybrid and composite.

    Root Causes 502: The PQC Game of Chicken

    Jun 4, 2025 10:59


    In this episode Jason explains the fallacy of "playing chicken" with the Quantum Apocalypse. We discuss stack ranking and "eyes open" PQC risk decisions.

    Root Causes 501: Why Increasing RSA Key Size Won't Solve the Quantum Problem

    Jun 2, 2025 3:35


    In this brief episode we explain why the problem that Shor's Algorithm poses to RSA and ECC can't be solved simply by increasing key size.

    Root Causes 500: OMG! 500 Episodes of Root Causes!

    May 29, 2025 20:46


    Wow. It's episode 500 of Root Causes. Jason and Tim talk about how the podcast has evolved in the past six years, how it remains consistent, and the updates we're making to keep being a valuable resource for our listeners.

    Root Causes 499: Don't Blame Signal

    May 27, 2025 8:37


    The recent Signal controversy highlights the importance of understanding what protections an E2EE messaging app provides, and what it does not.

    Root Causes 498: UK NCSC PQC Guidance

    May 23, 2025 15:31


    The UK National Cyber Security Centre (NCSC) has released new PQC guidance. We take exception to the dates it gives and explain why.

    Root Causes 497: PQC Update with Sofia Celi

    May 21, 2025 19:50


    Guest Sofia Celi (IETF, Brave) returns to talk about important developments in post quantum cryptography. Sofia tells us about her candidate algorithm MAYO and what is happening with the NIST PQC onramp. We learn about KEM TLS and the status of PQC initiatives in IETF.

    Root Causes 496: E2EE Gmail

    May 18, 2025 12:26


    Gmail is now end-to-end encrypted for all recipients, regardless of the receiving client. We explain how Gmail accomplishes this trick.

    Root Causes 495: Trust Models and Post Quantum Cryptography

    May 16, 2025 7:00


    We build on our Trust Models discussion to explore how organizations can structure their PKI for the transition to post quantum cryptography (PQC).

    Root Causes 494: Introduction to Trust Models

    May 13, 2025 21:09


    We explain the basics of trust models and compare various models including WebPKI, private CA, and consortium models.

    Root Causes 493: Disentangling Public and Private Certificate Use Cases

    May 7, 2025 12:10


    Changing root store requirements mean CAs must separate their root hierarchies for different certificate types. We explain why enterprises should consider private CA for some use cases.

    Root Causes 492: When Mandatory Security Training Sucks

    May 6, 2025 19:36


    In this episode we get excited about errors we see in mandatory security trainings.

    Root Causes 491: RSA's Non-quantum Threat

    May 1, 2025 31:41


    We are rejoined by Dr. Michele Mosca to explore the potential threat of RSA being broken even in the absence of a quantum computing attack.

    Root Causes 490: Chrome and Chromium

    Apr 28, 2025 10:02


    We define Chrome versus Chromium, explaining what each is and the difference between the two.

    Root Causes 489: Does AI Nullify E2EE?

    Apr 24, 2025 12:04


    Does AI kill end-to-end encryption? There is a contention that the presence of AI agents in the workstream will render your confidential information visible outside the encrypted communication channels and therefore that E2EE is pointless. We explore this argument.

    Root Causes 488: CABF Face-to-Face Meeting Update

    Apr 22, 2025 5:37


    We explain the major news items from the most recent CA/Browser Forum face-to-face meeting in Tokyo. Topics include MPIC, 47-day certificate term, and Temporary Restraining Orders.

    Root Causes 487: Security 2030

    Apr 16, 2025 46:40


    Jason and I take a peek forward at what we imagine IT security looks like in 2030. Topics include PQC, ZTNA, "green zones," deep fakes, IoT, connected cars, agentic AI, blockchain, and CLM.

    Root Causes 486: 47-day Maximum Term Ballot Passes CABF

    Apr 14, 2025 11:11


    Apple's ballot to step the maximum term for public SSL certificates down to 47 days has passed in the CA/Browser Forum. We explain.

    Root Causes 485: What Is Open MPIC?

    Apr 13, 2025 20:28


    Guest Dmitry Sharkov joins us to describe Open MPIC, the open-source project to help public CAs support MPIC.

    Root Causes 484: Multi Good Factor Authentication

    Apr 9, 2025 12:46


    We define multi good factor authentication, which is the idea that not all authentication factors are equal. We discuss the importance of considering authentication strength and the contextual nature of trust.

    Root Causes 483: Introducing the PQC Sandbox

    Apr 7, 2025 22:40


    We are joined by repeat guest Bruno Coulliard of Crypto4A to introduce Sectigo's new post quantum cryptography (PQC) sandbox. The PQC sandbox allows you to get quantum resistant certificates in your hands to understand how they work with your systems.

    Root Causes 482: Microsoft and PQC

    Apr 2, 2025 14:38


    In this episode we explore the potential PQC future for Microsoft Active Directory Certificate Services, aka MSCA. We discuss potential paths for Microsoft to take and their consequences.

    Root Causes 481: What Is Protocol Ossification?

    Mar 31, 2025 11:49


    Protocol ossification is the phenomenon whereby ecosystems fail to work correctly with the full range of options included in a protocol. This occurs when individual software components only partially support the capabilities that should be available. We define protocol ossification, explain how and why it occurs, give real world examples, and talk about potential remedies.

    Root Causes 480: White House PQC Executive Order

    Mar 24, 2025 10:22


    Many people believe that the Trump White House rescinded an important cybersecurity executive order from the late days of the Biden administration. We set the record straight.

    Root Causes 479: AI Adversarial Machine Learning

    Mar 21, 2025 13:10


    In this episode we discuss the thinking on how adversaries can exploit the flaws in AI models to achieve unexpected and dangerous results. We explore some potential paths of defense against attacks of this sort.

    Root Causes 478: Should We All Switch from RSA to ECC?

    Mar 17, 2025 16:01


    RSA is under attack. Even without the quantum threat, we face the possibility of smart new exploits reducing the viable RSA key space and rendering it unsafe. In this episode we discuss the merits of choosing ECC over RSA as soon as today.

    Root Causes 477: Comparative Security Philosophies

    Mar 12, 2025 17:51


    We discuss how various popular computing platforms approach security and highlight the differences between them.

    Root Causes 476: The Need for Security KPIs

    Mar 10, 2025 16:34


    Jason recounts a 2024 Black Hat talk about the need for objective measurements of our IT defenses and whether the good guys or bad guys are winning. Jason breaks down how to define and measure the impact of security measures.

    Root Causes 475: Can Your AI Scheme Against You?

    Mar 6, 2025 17:51


    It's the stuff of science fiction! Interesting research shows how today's AI technology is capable of lying to and scheming against its human owners in service of its goals.

    Root Causes 474: Explaining Shor's Algorithm

    Mar 2, 2025 21:12


    We talk a lot about Shor's Algorithm in our discussion of post quantum cryptography (PQC). In this episode Jason explains Shor's algorithm for non-quantum physicists.

    Root Causes 473: Does Security Software Lack Creativity?

    Feb 28, 2025 10:08


    Jason reports on a 2024 Black Hat keynote about how modern software development practices inhibit innovation and invention.

    Root Causes 472: AI Offensive Modeling

    Feb 26, 2025 11:14


    AI tools are now available to perform red-teaming activity for DevSecOps. Such tools are soon to be table stakes in the constantly escalating IT security arms race. Join us to learn more.

    Root Causes 471: ACME for PQC

    Feb 23, 2025 21:28


    In this episode, guest Alexandre Giron explains what is needed to support post quantum cryptography (PQC) with ACME.

    Root Causes 470: The MFA False Equivalency Fallacy

    Feb 19, 2025 11:53


    Not all forms of MFA are equally secure. In this episode we describe the differences between the more secure and less secure forms of MFA.

    Root Causes 469: The All or Nothing Fallacy in Cybersecurity

    Feb 17, 2025 7:14


    In this episode we explain the all-or-nothing fallacy in cybersecurity and how it's affecting debate in the WebPKI right now.

    Root Causes 468: UK Demands New Backdoor from Apple

    Feb 14, 2025 10:25


    A new demand from the UK seeks complete access to all Apple cloud data housed in the UK, regardless of the data owners' citizenship and residency. We unpack this latest development in Government versus Encryption.

    Root Causes 467: Decoupling Public from Private Use Cases

    Feb 12, 2025 9:41


    The past year has seen a great deal of focus on the use of public TLS certificates where private root certificates are actually the appropriate solution. In this episode we discuss the differences between these two use cases and what IT organizations can do about it.

    Root Causes 466: Apple Moves 47-day Ballot to CABF Vote

    Feb 9, 2025 31:21


    Apple is proceeding with a ballot that eventually will shorten SSL certificate maximum term to 47 days. Accompanying the ballot, Apple released a statement explaining its intent with the ballot. In this episode we unpack its statements.

    Root Causes 465: Twelve Bugzilla Sins for CAs to Avoid

    Feb 7, 2025 42:49


    In the wake of the Bugzilla Bloodbath, we list and describe twelve sins CAs commit on Bugzilla and its like, why they're detrimental, and how CAs should avoid them.

    Root Causes 464: Defending Against Harvest and Decrypt

    Feb 5, 2025 9:49


    Harvest and decrypt is a well-known attack vector against traditional cryptography prior to PQC. In this episode, we discuss what enterprises should be doing today to defend themselves against harvest and decrypt.

    Root Causes 463: Cellular Networks Are Insecure

    Feb 3, 2025 12:21


    In this episode we explain that all cellular networks, contrary to popular belief, are fundamentally insecure.

    Root Causes 462: Crypto War 3.0

    Jan 31, 2025 22:17


    In this episode we walk through the evolution of the war on cryptography, from the beginning up through today, terminating in what we call Crypto War 3.0.

    Root Causes 461: Sectigo Acquires Entrust Public CA Business

    Jan 29, 2025 10:28


    Sectigo today announced the acquisition of the Entrust public CA business. Entrust will go forward as a Sectigo reseller. Join us to learn the details.

    Root Causes 460: The State of PQC with Michele Mosca

    Jan 28, 2025 31:48


    In this episode we are joined by Dr. Michele Mosca. We discuss his pioneering work identifying the need for post-quantum cryptography, where PQC stands today, and what the future may hold.

    Root Causes 459: 2024 Lookback - Shortening Certificate Lifespans & DCV

    Jan 24, 2025 12:20


    2024 set in motion major changes for certificate lifespans and DCV. In this episode we discuss the Apple 47-day proposal, stepping down certificate term, public versus private CA use cases, DCV reuse periods, MPIC, WHOIS, and other topics.

    Root Causes 458: Apple Extends Entrust Distrust to SMIME and VMC

    Jan 19, 2025 8:47


    Apple has added itself to the Entrust distrust and has extended this distrust to S/MIME and VMC. We explain.

    Root Causes 457: 2024 Lookback - Guests

    Jan 17, 2025 11:26


    We had a remarkable year on the Root Causes podcast in terms of our guests. We look back at the extremely expert guests we were lucky to talk about in 2024.
