Error: JavaScript appears to be disabled

This web site will not operate correctly without JavaScript. Apologies for the inconvenience.

Home Training Books

Sign In

You are here: Home / Bulletproof TLS Newsletter

Bulletproof TLS Newsletter

Bulletproof TLS Newsletter delivers fresh SSL/TLS and Internet PKI
news straight to your inbox, once a month.

Issue #31 - Symantec sells certificate business to DigiCert 31 August 2017

Previous Issues

Issue #30 - Leaked private keys and revocations based on fake private keys 31 July 2017
Issue #29 - Cisco and Spotify ship private keys in applications 29 June 2017
Issue #28 - Let's Encrypt downtime 31 May 2017
Issue #27 - Certificate Transparency requirement delayed 28 April 2017
Issue #26 - Google plans to distrust all current Symantec certificates 30 March 2017
Issue #25 - SHA-1 is broken 28 February 2017
Issue #24 - Firefox and Chrome start warning about insecure login forms 31 January 2017
Issue #23 - 2016: The year HTTPS became dominant 4 January 2017
Issue #22 - TLS 1.3 in final stages and SHA-1 deprecation 30 November 2016
Issue #21 - Certificate Transparency for all new certs, backdoors in primes, WoSign and Comodo incidents 27 October 2016
Issue #20 - Mozilla no longer trusts WoSign and StartCOM, Comodo issues top level sb and tc certificates 29 September 2016
Issue #19 - SWEET32, HEIST/TIME, PAC and WPAD leak HTTPS URLs 31 August 2016
Issue #18 - Version Intolerance and TLS 1.3, Google uses Post-Quantum Cryptography, StartEncrypt vulnerabilities 28 July 2016
Issue #17 - Let's Encrypt trademark dispute, discrete logarithm record, ChaCha20 and TLS version fallbacks 30 June 2016
Issue #16 - Nonce reuse in GCM, another Padding Oracle, HTTPS by default and Post-Quantum Cryptography news 26 May 2016
Issue #15 - WordPress.com and others enable HTTPS by default 28 April 2016
Issue #14 - SMTP Strict Transport Security may improve transport encryption for email 31 March 2016
Issue #13 - DROWN attack shows danger of supporting old SSL v2 protocol 1 March 2016
Issue #12 - OpenSSL security update and the trouble with non-safe primes 25 February 2016
Issue #11 - New SLOTH and CurveSwap attacks against TLS discovered 27 January 2016
Issue #10 - CloudFlare and Facebook propose to delay SHA1 deprecation 21 December 2015
Issue #9 - eDellRoot certificate endangers users of Dell computers 30 November 2015
Issue #8 - RC4 finally going away 15 September 2015
Issue #7 - Logjam attack against weak DH key exchange 21 May 2015
Issue #6 - FREAK attacks SSL/TLS clients 06 March 2015
Issue #5 - SHA1 deprecation continues 13 February 2015
Issue #4 - New POODLE attack on TLS discovered 08 December 2014
Issue #3 - Support for SSL v3 is eroding 28 November 2014
Issue #2 - POODLE attack on SSL 3 16 October 2014
Issue #1 - SHA1 Deprecation 02 October 2014

Hands-on SSL/TLS and PKI training
(In London or on-site)

The Best TLS Training in the World (covers both TLS and PKI)

If you're a developer, system administrator, or security professional, we'll teach you everything you need to know for your day-to-day work.

The Best TLS Training in the World - 13-14 December (London)

Join us for two days full of fun practical work!