TLS for Applications

MPTCP and TLS 1.3 – Big Announcements from Apple

Apple recently announced some major changes to their operating systems across all platforms during their flagship developer conference WWDC. The Worldwide Developers Conference is where developers can attend sessions and meet with over 1,000 Apple engineers, and this event included a keynote introducing new software (iOS 11, macOS High Seirra and watchOS 4) and hardware (iPad Pro and Read more…


CAA mandated by CA/Browser Forum

On 8 March 2017, the CA/B Forum announced that the voting period is over for “Ballot 187 – Make CAA Checking Mandatory“, which means mandatory CAA checking will become part of their Baseline Requirements document. But who is CA/B Forum, and what is the significance of this decision? As per its bylaws, the Certification Authority Browser Forum (CA/B Read more…


RIPE 74 – Highlights from Days 3, 4 & 5

The RIPE 74 meeting was happening last week in Budapest, Hungary, and we’ve been highlighting the presentations and activities related to the Deploy360 technologies. Although much of the action for us happened on the first couple of days, there’s still quite a few things to highlight from the rest of the week. Wednesday and Thursday were largely devoted to Read more…


Postfix 3.2 released

Postfix version 3.2 was released on 28 February 2017 and implements several changes to its DANE functionality in order to conform with RFCs 7671 and 7672, as well as operational practices Postfix is a free and open-source mail transfer agent that includes support for the DANE protocol. DANE can address the issue of third-party trust Read more…


RFC 8094: DNS over DTLS published

RFC 8094 – DNS over Datagram Transport Layer Security (DTLS) – was recently published as an experimental specification. This was the result of the ongoing activity of the DNS PRIVate Exchange (dprive) Working Group at the IETF to develop mechanisms to provide confidentiality to DNS transactions and to address concerns surrounding pervasive monitoring. DNS queries and responses are normally exchanged unencrypted on the Read more…


Introduction to PKIs & CAs paper

TLS badge

If you’re looking for background information on how Public Key Infrastructures (PKIs) and Certificate Authorities (CA) support secure and private communication on the Internet, then Deploy360 has just published an overview of how these mechanisms work and how they are deployed. There are several commonly used mechanisms for supporting secure and private communication, transaction protection and Read more…


Deploy360@IETF98, Day 4: IPv6, IoT & ACME

Thursday at week IETF 98 in Chicago is another mix of IPv6, the Internet-of-Things and TLS-related working groups. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on. The first session of the day is 6MAN which has a last call on updates to the IPv6 specification as currently defined in RFC 2460, RFC 4291, Read more…


Deploy360@IETF98, Day 3: IPv6, IoT & DTLS

Wednesday at IETF 98 in Chicago features a mix of IPv6, the Internet-of-Things and TLS-related working groups. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on. The morning session offers a choice between the 6LO and PERC Working Groups. 6LO focuses on facilitating IPv6 connectivity over node networks with limited power, memory and processing resources, and Read more…


Deploy360@IETF98, Day 2: IoT, IPv6, TLS & SIDR

Tuesday is another busy day at IETF 98 in Chicago with sessions related to pretty much the whole Deploy360 portfolio. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on. The morning session sees TLS busy with a significant update to the TLS protocol which is now in Last Call. There’s a companion update to DTLS, and also Read more…


Deploy360@IETF98, Day 1: IoT, IPv6, DNSSEC & TLS

It’s a busy week IETF 98 in Chicago, and we’ll be bringing you daily blog posts that highlight what Deploy360 will be focused on during that day. And Monday is the busiest day, with a couple of working groups on the Internet-of-Things, along with sessions relevant to IPv6, DNSSEC and TLS. The day kicks off at 09.00 CDT/UTC-6 with Homenet which is developing protocols Read more…