
Cryptography & Security Newsletter

Issue 131

The Legend of Kipp Hickman

26 November 2025

Feisty Duck’s Cryptography & Security Newsletter is a periodic dispatch bringing you commentary and news surrounding cryptography, security, privacy, SSL/TLS, and PKI. It's designed to keep you informed about the latest developments in this space. Enjoyed every month by more than 50,000 subscribers. Written by Ivan Ristić.

NEWSLETTER SPONSOR

Free CT and certificate expiry monitoring from Red Sift. Avoid downtime and security risks with monitoring provided by Red Sift Certificates Lite. Monitors Certificate Transparency as well as your installed certificates. Track up to 250 certificates for free. Recommended by Let’s Encrypt.

Working on the short news for this month’s newsletter, I came across Cypherpunks Hall of Fame, which has a long list of people who have contributed to encryption, privacy, and similar causes. Looking at the list, I couldn’t help but feel that it’s missing one very important person that made a significant contribution.

In late 1994, Netscape Navigator was taking off and growing fast. It had the momentum, but there was something holding it back: because these were the very early days of the web, there was no way to protect its communication from eavesdropping. HTTP was just plaintext, without encryption. The world was ready to move commerce online, but not before it was deemed safe—or at least relatively safe, judging from today’s perspective.

It fell to Kipp Hickman to make it work. According to Ben Horowitz, Kipp—who had a reputation as a fixer—took the job. By the time he came back, three months later, he had designed and implemented the very first version of the SSL protocol (v2). It wasn’t perfect, but it worked. It was good enough to support Netscape as it was making its first steps into the encrypted web, starting with the Navigator 1.1 release in March 1995—and the rest is history. Fixes to the SSL v2 protocol followed in SSL v3. The next small revision of the protocol (essentially SSL v3.1) was later adopted by the IETF and renamed TLS 1.0. Further improvements followed with TLS 1.1 and 1.2, and then a full rewrite in TLS 1.3.

I had questions I wanted to ask, like: What was the brief and intention? What design constraints were assumed? And how did he arrive at the trust model? Kipp had not been active on the internet for quite a while, and I didn’t even know how to start looking for him. But it turns out that Moxie Marlinspike had the same questions back in 2010, and he managed to find Kipp and speak with him. This is what Kipp had to say:

“Oh, that whole authenticity thing… We just threw that in at the end. We were designing SSL to prevent passive attacks for the most part, you know. We heard about this thing—the man-in-the-middle attack—and so we just threw that in at the end.”

Doing further research, I went through some mailing lists from that time to better understand Kipp’s mindset. It turns out he was very pragmatic and understood that he had one shot and limited resources; rather than shoot for the moon (others were advocating for end-to-end encryption, for example—a problem we still haven’t fully solved), he undertook a smaller project that he could succeed with. And he solved it well. Three months is a very, very good time for protocol design and implementation, especially back in the day when the world didn’t have a lot of experience with cryptography.

Kipp is the engineer who could. He deserves a place in every Cypherpunks Hall of Fame.


Short News

  • The OpenSSL Conference 2025 videos are now online.
  • If you were ever curious to learn how modern passports work, a blog post from Trail of Bits will tell you.
  • Filippo Valsorda shared his experiences using Claude to debug cryptography.
  • ACME is being extended with the dns-account-label-01 challenge, which is designed to support concurrent issuance when using DNS validation. Fastly’s Shiloh Heurich has a blog post that explains why the company added support for it.
  • OVHcloud has switched to using a quantum computer for random number generation.
  • RFC 9881 standardizes X.509 certificates based on ML-DSA.
  • AWS Private CA has added support for post-quantum digital certificates using ML-DSA.
  • CertKit has released a free search of public certificates recorded to Certificate Transparency (CT).
  • JP Aumasson doesn’t think quantum computers will break Bitcoin.
  • Rhysida’s OysterLoader malvertising campaign has leveraged more than forty code-signing certificates.
  • Marin Ivezić has started a LinkedIn newsletter titled The Quantum Observer.
  • The Open Source Cryptography Workshop 2026, which will take place in Taipei just before the RWC conference, is inviting submissions.
  • Device Bound Session Credentials, which we talked about a couple of newsletters back, has progressed to its second trial stage.
  • .NET 10 libraries added support for post-quantum cryptography.
  • NIST is planning to standardize a smaller variant of SLH-DSA, a post-quantum digital signature scheme based on hashing.
  • Have you seen the IETF’s Post-Quantum Cryptography for Engineers?
  • Microsoft has announced a preview of Signing Transparency, which makes code signing verifiable.
  • Trail of Bits is releasing open-source Go implementations of ML-DSA and SLH-DSA.
  • The PQC Suite B project proposes improving the performance of post-quantum encryption by using Blake 3, which is faster than the usual hash functions.
  • Thomas Brewster writes for Forbes about how WhatsApp metadata is being used by law enforcement in the US.
  • Cloudflare has published an overview of what global TCP looks like from their perspective.
  • CT Moniteur is a Python library for monitoring CT logs, with support for both classic and modern, tiled CT logs.
  • Chrome is considering a more aggressive adoption of the static CT APIs so that the ecosystem will achieve better performance sooner.
  • Trail of Bits disclosed vulnerabilities in eight different confidential computing systems that use Linux Unified Key Setup version 2 (LUKS2) for disk encryption.
  • Watch Filippo’s Go Cryptography State of the Union 2025 presentation or read the transcript.
  • The International Association for Cryptologic Research (IACR) held an election, but it lost one of the private keys necessary to access the results.
  • The solution to the Kryptos sculpture sold for nearly $1 million.
  • A reminder that there is downside to CT: Web sites are attacked within seconds of certificate issuance.
  • Soatok created a shim NPM package to help people migrate away from the apparently not-very-good elliptic package.
  • Daniel J. Bernstein published 3(!) blog posts on the same day on the topic of NSA, ML-KEM, and IETF. There was an earlier part one, and now parts two, three, and four.
