Home Podcasts Root Causes: A PKI and Security Podcast
Root Causes: A PKI and Security Podcast

Root Causes: A PKI and Security Podcast

Tim Callan and Jason Soroko 623 Episodes Jul 2, 2026

Digital certificate industry veterans Tim Callan and Jason Soroko explore issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic computing world. They discuss best practices in digital certificates under pressure from technology trends, new laws, cryptographic advances, and evolving computing architectures. The podcast helps listeners stay current on developments in this essential technology platform and understand the whys and wherefores of popular Public Key Infrastructures.

Episodes

Root Causes 636: The Future of Crypto Agility Jul 2, 2026 00:09:29 Dustin Moody of NIST joins us to talk about the evolution of standardized cryptography beyond the current PQC efforts. Topics include maintaining visibility on cryptography presently in use, 50 years of RSA, and cryptographic heterogeny.
Root Causes 635: Do We Need to Get Rid of ECC? Jun 29, 2026 00:09:33 Bas Westerbaan of Cloudflare joins us to discuss recent information that heightens concerns about Elliptic Curve Cryptography (ECC) and its vulnerability to a cryptographically relevant quantum computer (CRQC). We pose the question do we need to deprecate ECC in advance of our migration to ML-DSA and other PQC algorithms.
Root Causes 634: White House Executive Order Accelerates PQC Deployment Jun 26, 2026 00:12:42 A new Executive Order (EO) moves the deadline for ML-DSA deployment up to 2031. We talk about why this happened and its implications on government, the technology industry, and enterprises around the globe.
Root Causes 633: ETSI PQC Conference Wrap Up Jun 24, 2026 00:16:11 We are freshly returned from the 2026 ETSI PQC Conference. We give a debrief on the conference, including the difference between post quantum cryptography (PQC) and quantum key distribution (QKD), the algorithmic zoo, PQC for blockchain, the Dunning Kruger Effect, and cryptographic Frogger.
Root Causes 632: Gartner Risk and Security 2026 Wrap Up Jun 22, 2026 00:19:55 We recently attended the Gartner Risk and Security conference for 2026, where we observed a great deal of attention on not only AI but also post quantum cryptography (PQC). Join us as we share the key takeaways.
Root Causes 631: Did the Bugzilla Bloodbath Change Anything? Jun 19, 2026 00:13:09 2024 saw a flurry of high profile incidents for public CA, which we named the Bugzilla Bloodbath. We look back to see how the WebPKI has changed as a consequence.
Root Causes 630: The PQC Physicality Crisis Jun 17, 2026 00:06:27 Resource-constrained devices may need to address PQC through real-time, seed-based, key generation. Unfortunately, this leaves the full key exposed very briefly in RAM. The potential consequences of this are far-reaching and scary. We go into the details.
Root Causes 629: Does the Evidence Support Moving PQC Deadlines to 2029? Jun 15, 2026 00:16:12 Sam Jaques of the University of Waterloo returns to discuss his tracking of progress in quantum computers and offer a perspective on moving our PQC deadlines up to 2029.
Root Causes 628: PI-DOS (Prompt Injection-based Denial of Service) Jun 12, 2026 00:09:40 An emerging attack against AIs is to create a significantly complex and recursive prompt that will occupy the AI indefinitely or for a sufficiently long time that it acts as a Denial-of-Service (DoS) attack. We describe how this works.
Root Causes 627: UK vs Apple E2EE Backups Jun 10, 2026 00:05:11 In the latest in our coverage of government versus encryption, the UK issued secret orders to Apple to give it a cryptographic backdoor to Apple's advanced data protection capability for iCloud. Apple responded by eliminating encryption entirely for UK users. We break it down.
Root Causes 626: TLS 1.3 Roadblock Jun 8, 2026 00:10:15 TLS 1.3 is required to take advantage of post quantum cryptography (PQC) algorithms. Yes, we still see a lot of TLS 1.2 or earlier in deployment. We examine why this is the case and what to do about it.
Root Causes 625: AI in 1000 Days - Cyber Defense Jun 5, 2026 00:08:06 Recent revelations about Mythos and its ability to expose vulnerabilities have forced us to rethink basic assumptions about cyber defense. In our "AI in 1000 Days" series, Jason Soroko and I examine the implications of these revelations three years from now. This includes upping the overall pace of attack and changes to best practices in cyber security defense.

Recommended