Root Causes: A PKI and Security Podcast

Root Causes: A PKI and Security Podcast

Digital certificate industry veterans Tim Callan and Jason Soroko explore the issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic and evolving computing world. Best practices in digital certificates are continually under pressure from technology trends, new laws and regulations, cryptographic advances, and the evolution of our computing architectures to be more virtual, agile, ubiquitous, and cloud-based. Jason and Tim (and the occasional guest subject matter expert) will help you stay current on developments in this essential technology platform and to understand the whys and wherefores of popular Public Key Infrastructures.

Episodes

Root Causes 539: What Is the Two-QWAC Architecture?

October 21, 2025 20 mins
A new kind of eIDAS QWAC (Qualifieid Website Authentication Certificate) is on the way. The "two-QWAC architecture" introduces a second certificate containing organization information to be displayed by the browser, to sit alongside but independent of the certificate that authenticates a domain. We explain what's coming and why.
Mark as Played

Root Causes 538: What Is an Entropy Desert?

October 19, 2025 9 mins
An environment in which credentials are extremely predictable could be described as an entropy desert. There are occurring at a global scale. We discuss concepts like measurable entropy availability and entropy by design.
Mark as Played

Root Causes 537: The Thermodynamics of Privacy

October 16, 2025 13 mins
In this episode we build on our concept of entropy-aware guidance to explain how we might quantify privacy. We touch on GDPR, proof of work, and Landaur's principle.
Mark as Played

Root Causes 536: Patent Blocker on ML-KEM

October 14, 2025 11 mins
A patent dispute in 2024 nearly blocked ML-KEM. But emerging thinking raises concern that the 2024 resolution did not guarantee full, clear access to all ML-KEM implementations. We explain.
Mark as Played

Root Causes 535: The CPS Is a Superset of Actual Practices

October 11, 2025 10 mins
The CPS must always be a superset of actual practices in a properly running CA. We explain why this is a product of good design.
Mark as Played

Root Causes 534: Signing the Machines That Think

October 10, 2025 8 mins
Imagine what happens if you use the wrong LLM, including a malicious model placed there to create mischief or crime. How do you know? Jason proposes that, the same way we sign our code, we should be signing our AI models as well.
Mark as Played

Root Causes 533: Flexibility Through Multi-CA Trust Models

October 7, 2025 9 mins
We discuss how a static PKI structure can hurt corporate flexibility and resilience. Events like reorgs and M&A activity can cause intractable problems with the wrong PKI setup. Plus, Jason coins the term PKI archeology.
Mark as Played

Root Causes 532: Introducing Offline PKI

October 1, 2025 11 mins
In this episode, Jason describes how we might use the principles of PKI in a purely offline scenario.
Mark as Played

Root Causes 531: Benefits of Single-purpose Root Hierarchies

September 30, 2025 16 mins
Public certificates are transitioning from multi-purpose root hierarchies to single-purpose ones. We discuss why.
Mark as Played

Root Causes 530: Introducing the AI Iceberg

September 28, 2025 18 mins
We compare AI in 2025 to Internet in 1995 and describe the AI iceberg, including the majority of applications which are below the waterline.
Mark as Played

Root Causes 529: What Is a Common Mark Certificate?

September 24, 2025 7 mins
Verified Mark Certificates (VMC) now have a companion product for logos that are not registered trademarks, called a Common Mark Certificate (CMC). We explain the differences.
Mark as Played

Root Causes 528: Misissued SSL Certificate for 1.1.1.1

September 16, 2025 17 mins
A CA has incorrectly issued TLS certificates for the 1.1.1.1 and 2.2.2.2 IP addresses. We go into the details.
Mark as Played

Root Causes 527: Key Dates for the Deprecation of Public mTLS

September 14, 2025 10 mins
Client authentication using public TLS server certificates is on the deprecation path. In this episode we go through the key dates in this deprecation.
Mark as Played

Root Causes 526: Voice Biometrics Are Worthless

September 11, 2025 8 mins
Based on the ready availability of AI-based voice cloning, we declare voice biometric authentication to be utterly valueless.
Mark as Played

Root Causes 525: The End of Email-based DCV

September 9, 2025 10 mins
A new CABF ballot proposal will eliminate all email- and phone-based DCV over the next few years. We go into the details.
Mark as Played

Root Causes 524: How to Kill Three Birds with One Stone

September 7, 2025 12 mins
Three major changes are coming to the world of public certificates, all of which require major changes in how organizations deploy, renew, and manage their certificates. These are 47-day SSL, PQC, and the deprecation of mTLS. We describe the overlap between these efforts and how to combine them for better efficiency and project management.
Mark as Played

Root Causes 523: Will Your Configuration Block MPIC DCV?

September 2, 2025 11 mins
MPIC (Multi-perspective Issuance Corroboration) is soon to move into enforcement phase. In this episode we describe three configuration decisions that can force Domain Control Validation (DCV) to fail and tell you what to do about them before you have a problem.
Mark as Played

Root Causes 522: How Prepared Are Enterprises for PQC? (Part 2)

August 26, 2025 33 mins
We complete our description and commentary on the results of Sectigo's survey of enterprise preparedness for Post Quantum Cryptography (PQC).
Mark as Played

Root Causes 521: How Prepared Are Enterprises for PQC? (Part 1)

August 21, 2025 32 mins
We begin to go over the results of Sectigo's recent survey of enterprises and their preparedness and plans for adopting Post Quantum Cryptography (PQC).
Mark as Played

Root Causes 520: How Prepared Are IT Teams for 47-day Certificates?

August 19, 2025 45 mins
Sectigo has released the results of its survey of IT professionals in charge of certificates to measure their readiness and preparation for 47-day maximum certificate term. We go over the results.
Mark as Played

Popular Podcasts

    Stuff You Should Know

    Stuff You Should Know

    If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.

    Dateline NBC

    Dateline NBC

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com

    CrimeLess: Hillbilly Heist

    CrimeLess: Hillbilly Heist

    It’s 1996 in rural North Carolina, and an oddball crew makes history when they pull off America’s third largest cash heist. But it’s all downhill from there. Join host Johnny Knoxville as he unspools a wild and woolly tale about a group of regular ‘ol folks who risked it all for a chance at a better life. CrimeLess: Hillbilly Heist answers the question: what would you do with 17.3 million dollars? The answer includes diamond rings, mansions, velvet Elvis paintings, plus a run for the border, murder-for-hire-plots, and FBI busts.

    The Breakfast Club

    The Breakfast Club

    The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!

    Crime Junkie

    Crime Junkie

    Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.

Advertise With Us
Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

Explore

iHeart

Live Radio

Podcasts

Artist Radio

Exclusives

News

Features

Events

Contests

Photos

Information

About

Advertise

Blog

Brand Guidelines

Contest Guidelines

Subscription Offers

Jobs

Get the App

Automotive

Home

Mobile

Wearables

© 2025 iHeartMedia, Inc.