Feisty Duck
@feistyduck.com
The place for TLS and PKI education. Publishers of Bulletproof TLS and PKI. Authors of Practical TLS and PKI training. Cryptography & Security Newsletter.
Cryptography & Security Newsletter is out! In the December issue:
- OpenSSL Performance Still Under Scrutiny
- Short News
www.feistyduck.com/newsletter/i...
- OpenSSL Performance Still Under Scrutiny
- Short News
www.feistyduck.com/newsletter/i...
December 30, 2025 at 12:25 PM
Cryptography & Security Newsletter is out! In the December issue:
- OpenSSL Performance Still Under Scrutiny
- Short News
www.feistyduck.com/newsletter/i...
- OpenSSL Performance Still Under Scrutiny
- Short News
www.feistyduck.com/newsletter/i...
Black Friday Discounts from Feisty Duck (No.3) - 50% off on ModSecurity Handbook (Ebook)! www.feistyduck.com/books/modsec...
November 26, 2025 at 4:04 PM
Black Friday Discounts from Feisty Duck (No.3) - 50% off on ModSecurity Handbook (Ebook)! www.feistyduck.com/books/modsec...
Black Friday Discounts from Feisty Duck (No.2) - 10% off Practical TLS and PKI Training. Even on Early Bird tickets! From $1,485. One week only.
www.feistyduck.com/training/pra...
www.feistyduck.com/training/pra...
November 26, 2025 at 3:12 PM
Black Friday Discounts from Feisty Duck (No.2) - 10% off Practical TLS and PKI Training. Even on Early Bird tickets! From $1,485. One week only.
www.feistyduck.com/training/pra...
www.feistyduck.com/training/pra...
Black Friday Discounts from Feisty Duck (No.1) - 50% off on Bulletproof TLS and PKI (Ebook). Just for one week!
www.feistyduck.com/books/bullet...
www.feistyduck.com/books/bullet...
November 26, 2025 at 1:50 PM
Black Friday Discounts from Feisty Duck (No.1) - 50% off on Bulletproof TLS and PKI (Ebook). Just for one week!
www.feistyduck.com/books/bullet...
www.feistyduck.com/books/bullet...
Cryptography & Security Newsletter is out! In this issue:
- The Legend of Kipp Hickman
- Short News
www.feistyduck.com/newsletter/i...
- The Legend of Kipp Hickman
- Short News
www.feistyduck.com/newsletter/i...
November 26, 2025 at 12:50 PM
Cryptography & Security Newsletter is out! In this issue:
- The Legend of Kipp Hickman
- Short News
www.feistyduck.com/newsletter/i...
- The Legend of Kipp Hickman
- Short News
www.feistyduck.com/newsletter/i...
New dates! Practical TLS and PKI Training - 23-26 Feb 2026. We have a limited number of Early Bird tickets available. From Ivan Ristic and with Scott Helme, based on Bulletproof TLS and PKI. www.feistyduck.com/training/pra...
November 12, 2025 at 12:02 PM
New dates! Practical TLS and PKI Training - 23-26 Feb 2026. We have a limited number of Early Bird tickets available. From Ivan Ristic and with Scott Helme, based on Bulletproof TLS and PKI. www.feistyduck.com/training/pra...
Cryptography & Security Newsletter is out! In the October issue:
Web PKI Ditches TLS Client Authentication
- How Many Public PKIs Are There?
- Impact on Certificate Transparency
Short News
www.feistyduck.com/newsletter/i...
Web PKI Ditches TLS Client Authentication
- How Many Public PKIs Are There?
- Impact on Certificate Transparency
Short News
www.feistyduck.com/newsletter/i...
October 30, 2025 at 12:42 PM
Cryptography & Security Newsletter is out! In the October issue:
Web PKI Ditches TLS Client Authentication
- How Many Public PKIs Are There?
- Impact on Certificate Transparency
Short News
www.feistyduck.com/newsletter/i...
Web PKI Ditches TLS Client Authentication
- How Many Public PKIs Are There?
- Impact on Certificate Transparency
Short News
www.feistyduck.com/newsletter/i...
Halloween Discount on Practical TLS and PKI Training! 🎃 $500 off on the final training of the year, Nov 10-13. For devs and sysadmins: how to deploy secure servers and design secure web applications
www.feistyduck.com/training/pra...
www.feistyduck.com/training/pra...
October 29, 2025 at 5:56 PM
Halloween Discount on Practical TLS and PKI Training! 🎃 $500 off on the final training of the year, Nov 10-13. For devs and sysadmins: how to deploy secure servers and design secure web applications
www.feistyduck.com/training/pra...
www.feistyduck.com/training/pra...
Tile trackers, used by 88 million people worldwide, send critical data without encryption.
archive.ph/GyFtT
archive.ph/GyFtT
October 29, 2025 at 4:09 PM
Tile trackers, used by 88 million people worldwide, send critical data without encryption.
archive.ph/GyFtT
archive.ph/GyFtT
David Adrian (who works for Google on Chrome security) doesn’t think Web PKI needs revocation. dadrian.io/blog/posts/r...
October 28, 2025 at 4:09 PM
David Adrian (who works for Google on Chrome security) doesn’t think Web PKI needs revocation. dadrian.io/blog/posts/r...
Filippo Valsorda is looking at how to best archive CT logs for posterity. groups.google.com/a/chromium.o...
October 28, 2025 at 11:05 AM
Filippo Valsorda is looking at how to best archive CT logs for posterity. groups.google.com/a/chromium.o...
Over at CA/Browser Forum, post-quantum cryptography is now part of S/MIME Basic Requirements, via ballot SMC013. cabforum.org/2025/07/02/b...
October 27, 2025 at 4:08 PM
Over at CA/Browser Forum, post-quantum cryptography is now part of S/MIME Basic Requirements, via ballot SMC013. cabforum.org/2025/07/02/b...
The previously failed attack on lattice-based cryptography is allegedly coming back after fixes. www.linkedin.com/posts/bart-p...
October 27, 2025 at 11:05 AM
The previously failed attack on lattice-based cryptography is allegedly coming back after fixes. www.linkedin.com/posts/bart-p...
An article from Metalhearf’s Blog has more information on the countries’ positions. metalhearf.fr/posts/chatco...
October 24, 2025 at 10:05 AM
An article from Metalhearf’s Blog has more information on the countries’ positions. metalhearf.fr/posts/chatco...
A whistleblower has sued Meta over alleged WhatsApp security flaws.
web.archive.org/web/20250908...
web.archive.org/web/20250908...
October 23, 2025 at 10:05 AM
A whistleblower has sued Meta over alleged WhatsApp security flaws.
web.archive.org/web/20250908...
web.archive.org/web/20250908...
Apple’s new phones come with a new feature called Memory Integrity Enforcement, which makes exploitation more difficult. www.linkedin.com/posts/activi...
October 22, 2025 at 3:07 PM
Apple’s new phones come with a new feature called Memory Integrity Enforcement, which makes exploitation more difficult. www.linkedin.com/posts/activi...
Video recordings of DigiCert’s World Quantum Readiness day are now available. www.digicert.com/world-quantu...
October 20, 2025 at 3:31 PM
Video recordings of DigiCert’s World Quantum Readiness day are now available. www.digicert.com/world-quantu...
Luke Valenta writes at length about the difference between post-quantum cryptography and quantum security technology. You need the former, not necessarily the latter. blog.cloudflare.com/you-dont-nee...
October 17, 2025 at 10:05 AM
Luke Valenta writes at length about the difference between post-quantum cryptography and quantum security technology. You need the former, not necessarily the latter. blog.cloudflare.com/you-dont-nee...
The related Hacker News discussion has some additional interesting information. news.ycombinator.com/item?id=4532...
October 16, 2025 at 3:06 PM
The related Hacker News discussion has some additional interesting information. news.ycombinator.com/item?id=4532...
Virtual SIM cards (eSIMs) are making it easier to switch phone providers, but many seem to route network traffic via unexpected remote places, such as China. alertify.eu/silent-esim-...
October 16, 2025 at 3:06 PM
Virtual SIM cards (eSIMs) are making it easier to switch phone providers, but many seem to route network traffic via unexpected remote places, such as China. alertify.eu/silent-esim-...
In Russia, a new, government-sponsored chat app is being preinstalled on all new phones. It’s been called a privacy nightmare. www.forbes.com/sites/thomas...
October 15, 2025 at 10:05 AM
In Russia, a new, government-sponsored chat app is being preinstalled on all new phones. It’s been called a privacy nightmare. www.forbes.com/sites/thomas...
Trail of Bits released Algo v2.0.0, the next generation of its personal VPN tooling.
Release Algo VPN 2.0.0 · trailofbits/algo
A major release with comprehensive security improvements, performance optimizations, and modernized infrastructure. 🔒 Security Enhancements Certificate Authority constraints (#14811) - Prevents ce...
github.com
October 14, 2025 at 3:06 PM
Trail of Bits released Algo v2.0.0, the next generation of its personal VPN tooling.
There is some movement toward QWAC adoption (via Stephen Davidson); ETSI EN 319 411-2 and ETSI TS 119 411-5 are the relevant standards. www.linkedin.com/posts/srdavi...
October 13, 2025 at 3:06 PM
There is some movement toward QWAC adoption (via Stephen Davidson); ETSI EN 319 411-2 and ETSI TS 119 411-5 are the relevant standards. www.linkedin.com/posts/srdavi...
Jan Schaumman has looked at the deployment of post-quantum cryptography among top websites. www.netmeister.org/blog/pqc-use...
October 10, 2025 at 3:07 PM
Jan Schaumman has looked at the deployment of post-quantum cryptography among top websites. www.netmeister.org/blog/pqc-use...
IPng Networks has published its third post covering the details of CT log operation. ipng.ch/s/articles/2...
October 9, 2025 at 3:06 PM
IPng Networks has published its third post covering the details of CT log operation. ipng.ch/s/articles/2...