Feisty Duck

The place for TLS and PKI education. Publishers of Bulletproof TLS and PKI. Authors of Practical TLS and PKI training. Monthly Bulletproof TLS Newsletter.

2025-07-07

The Electronic Frontier Foundation is weighing in on the European Union’s “encryption roadmap,” which continues to push for access to private communication. eff.org/deeplinks/2025/06/eus-

2025-07-07

Frank Denis makes a passionate plea for better user interfaces for OpenSSL cipher suite selection. 00f.net/2025/06/06/cipher-suit

2025-07-02

Researchers have discovered a novel tracking method, used by Meta and Yandex, that affected the privacy and security of potentially billions of Android users. The clever technique relied on the sharing of information between (1) websites running in browsers and (2) native apps that were designed especially for this purpose. localmess.github.io

2025-07-01

The European Union has published its guidelines for migration to post-quantum cryptography. The timelines are as follows: triage by the end of 2026, migration of high-risk properties by the end of 2030, and migration of the remaining properties by the end of 2035. digital-strategy.ec.europa.eu/

2025-06-30

Cryptography & Security Newsletter is out! In this issue:
- Internet PKI to Integrate DNSSEC
- Short News
feistyduck.com/newsletter/issu

2025-06-23

HAProxy wrote about the state of TLS libraries. haproxy.com/blog/state-of-ssl-

2025-06-23

John Young, cofounder of web archive Cryptome cryptome.org, has died. The Register spoke to his friends and peers. theregister.com/2025/05/24/joh

2025-06-10

The Internet Security Research Group (ISRG) is branching from certificates into the human digital identity space. abetterinternet.org/post/human

2025-06-03

To reap the security benefits of passkeys, we need to make a leap and embrace a password-less future. Microsoft is doing just that, with new accounts skipping passwords altogether and existing accounts given an option to delete their existing passwords. microsoft.com/en-us/security/b

2025-06-03

Cryptography & Security Newsletter: The UK government announced that it will deploy passkeys as an alternative to the current text-based two-factor authentication approach. ncsc.gov.uk/news/government-ad

More about passkeys gaining momentum: feistyduck.com/newsletter/issu

2025-05-29

Cryptography & Security Newsletter is out! In this issue:
- Passkeys Gain Momentum
- Short News
feistyduck.com/newsletter/issu

2025-05-28

New dates! Practical TLS and PKI, Sep 22-25. From Ivan Ristic, based on the Bulletproof book, with lots of exercises to give you hands-on experience. Your teacher will be Scott Helme. And now is a good time to grab an Early Bird ticket ($300 off).
feistyduck.com/training/practi

2025-05-15

Our final TLS and PKI Training before the summer will take place on 3-6 June. Four half-days, with real-world exercises to work on during the training and afterwards. With Scott Helme and from Ivan Ristic. Join us! feistyduck.com/training/practi

2025-05-06

Four weeks until the next Practical TLS and PKI Training - Join Scott Helme on June 3-6 to learn how to deploy secure servers and design secure web applications. Four half days, Pacific Time AM. From Ivan Ristic.
feistyduck.com/training/practi

2025-04-30

Cryptography & Security Newsletter is out! In this issue:
- Certificate Lifetimes to Shrink to Just Forty-Seven Days
- Other News
feistyduck.com/newsletter/issu

2025-04-02

From the newsletter: To support its CRLite effort, Mozilla updated its Root Store Policy in March, making a stronger push to ensure that CAs are revoking certificates in a timely manner and that they’re able to respond to high-volume situations. blog.mozilla.org/security/2025

2025-03-31

Cryptography & Security Newsletter is out! In this issue:
- Mozilla Fixes Certificate Revocation Checking
- Certificate Transparency
- Post-Quantum Cryptography
- Other News
feistyduck.com/newsletter/issu

2025-03-17

New dates for Practical TLS and PKI Training! 3-6 June, 8am-11:30am PT. We have a small number of Early Bird tickets, it's a good time to book! From Ivan Ristic and with Scott Helme. feistyduck.com/training/practi

2025-02-28

Cryptography & Security Newsletter is out! In this issue:
- QWAC Technical Details Emerge
- No Advanced Data Protection for the UK
- Short News
feistyduck.com/newsletter/issu

2025-02-03

We have updated our SSL/TLS and PKI History! Check out the latest developments: feistyduck.com/ssl-tls-and-pki

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst