Starting April 28, 2018, AWS will start to support Certificate Transparency. I am new to this, here are somethings that I learned so far. What exactly is certificate transparency? Certificate Transparency framework is a project that is initially launched by Google. What problems does certificate transparency solve? It is designed to solved some flaws in the … Continue reading Certificate Transparency
As mentioned in my previous blog New to AWS GuardDuty? I have been working on open sourcing the tool that I wrote for internal use. Now it is public available on my GitHub: AWS GuardDuty Manager Description AWS GuardDuty Manager (GDM) is a tool that allows you to perform some common GuardDuty tasks (start, stop and … Continue reading AWS GuardDuty Manager
The blog title explains the main reason that I started the open source project CertStuff If you are not familiar with the Google proposal, here are some quotes that I found on the Symantec website: On July 27, 2017, Google posted a time-sensitive plan regarding Symantec-issued TLS server certificates. There are critical dates that will impact your … Continue reading Google Proposal of trust in existing Symantec-issued Certificates
Domain Validation (DV): This is a lower level of validation. The CA validates that you have control of the domain. A DV certificate expires in 90 days. Organization Validation (OV): A higher level of validation. The CA validates whether or not the company is valid, if it is registered, and if the business contact legitimately … Continue reading Three types of CA Validation Certificate
What is HSTS? It stands for HTTP Strict Transport Security. Simply speaking, HSTS is a method that allows the browser to do http to https redirect. Why use HSTS? Security! As explained above, the http traffics only stay inside the machine, so it reduces the risk of exposing sensitive information in plain text to the Internet. … Continue reading Enable HSTS in Akamai
Jackie Chen's IT Workshop 