Key management
Management of cryptographic keys
April 14 2025 |
Certificate authority
The CA/Browser Forum passed a ballot to reduce SSL/TLS certificates to a maximum 47-day term by March 15, 2029.
|
April 2025 | CA/Browser Forum approved ballot SC-081v3, which will reduce the certificate lifespan of SSL/TLS certificates to 47 days by 2029. The ballot was submitted by Apple and endorsed by Sectigo, Google Chrome team, and Mozilla. |
2025 |
Key Management Interoperability Protocol
Release of KMIP version 3.0, introducing an explicit concept of KMIP users as System Objects, improving object lifecycle and referencing, formalizing object groups and hierarchies, and adding an Obliterate administrative operation.
|
2025 |
Key Management Interoperability Protocol
KMIP interoperability demonstration focused on testing Post Quantum Cryptography (PQC) algorithms in anticipation of advancing quantum computer capabilities.
|
January 2023 | CA/Browser Forum adopted version 1.0 of the 'Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates', defining four types of S/MIME certificate standards: Mailbox-validated, Organization-validated, Sponsor-validated, and Individual-validated. |
September 2022 |
Key size
NSA began transitioning from CNSA 1.0 to CNSA 2.0, introducing new quantum-resistant cryptographic algorithms like CRYSTALS-Kyber for key establishment and CRYSTALS-Dilithium for digital signatures.
|
2021 |
Key server
The public SKS keyserver pool was shut down due to difficulties processing GDPR (General Data Protection Regulation) requirements, marking the end of the primary OpenPGP keyserver network.
|
2021 |
Key server
The public SKS keyserver pool, originally developed by Yaron Minsky, is shut down due to challenges processing GDPR requirements effectively.
|
2021 |
Key Management Interoperability Protocol
KMIP version 3.0 released, introducing an explicit concept of KMIP users as System Objects, improving object lifecycle references, formalizing object groups and hierarchies, and adding an Obliterate administrative operation.
|
2021 |
Qualified website authentication certificate
European Union proposes updates to eIDAS (electronic Identification, Authentication and Trust Services) regulation, requiring web browsers to incorporate government-specified 'Trusted Service Providers' and accept Qualified Website Authentication Certificates (QWACs).
|
2020 |
Certificate authority
According to Netcraft, DigiCert was identified as the world's largest high-assurance certificate authority, commanding 60% of the Extended Validation Certificate market and 96% of organization-validated certificates globally.
|
September 2020 | CA/Browser Forum adopted version 2.0 of the 'Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates'. |
September 1 2020 |
Certificate authority
Maximum certificate lifetime reduced to 398 days.
|
August 2020 | S/MIME Certificate Working Group was chartered to create baseline requirements for CAs issuing S/MIME certificates used for email signing, verification, encryption, and decryption. |
March 2020 |
Extended Validation Certificate
CA/B Forum implemented a new limitation on domain validation and organization data reuse, restricting maximum validity to 397 days (not to exceed 398 days).
|
2019 |
Public key certificate
Major browsers like Chrome and Firefox discontinued visual indicators for Extended Validation (EV) certificates, removing the previously used green color and legal name display due to security concerns and potential impersonation vulnerabilities.
|
2019 |
Key Management Interoperability Protocol
Release of KMIP version 2.1, adding capabilities for ping, asynchronous request processing, standardizing server-side key rotation, and introducing attribute constraint mechanisms.
|
2019 |
Key server
The public SKS (Synchronizing Key Server) keyserver pool experiences a significant spamming attack, marking a turning point for OpenPGP key server infrastructure.
|
2019 |
Key Management Interoperability Protocol
KMIP version 2.1 released, adding Ping functionality, standardizing server-side key rotation, and introducing capabilities to set and query attribute defaults and constraints.
|
2019 |
Extended Validation Certificate
Chrome 77 removed the EV certificate indication from omnibox, shifting EV certificate status viewing to a detailed lock icon view.
|
2018 |
Key Management Interoperability Protocol
KMIP version 2.0 released, removing deprecated items, improving attribute representation, introducing client log operations, enhancing error handling, and adding support for tokenization, CSR objects, and multiple new attributes and query extensions.
|
2018 |
Qualified website authentication certificate
The European Union approached the CA/Browser Forum (CABF) requesting to partner on updating existing Extended Validation (EV) certificate requirements to include additional Subject information.
|
2018 |
Qualified website authentication certificate
Google began the process of deprecating EV certificate visual indicators in web browsers, discouraging the EU from continuing to use EV certificates.
|
September 2018 |
Extended Validation Certificate
Apple Safari on iOS 12 and macOS Mojave removed the visual distinction of EV certificate status.
|
August 2018 |
Forward secrecy
TLS 1.3 was published, dropping support for ciphers without forward secrecy. Wikimedia Foundation began requiring the use of forward secrecy.
|
May 2018 |
Extended Validation Certificate
Google announced plans to redesign user interfaces of Google Chrome, removing emphasis for Extended Validation (EV) certificates.
|
March 1 2018 |
Certificate authority
Baseline Requirements v1.4.4 introduced, further reducing maximum certificate lifetime to 825 days.
|
January 1 2017 |
Forward secrecy
App Transport Security (ATS) became mandatory for iOS apps, enforcing the use of HTTPS transmission with forward secrecy.
|
2016 |
Key Management Interoperability Protocol
Release of KMIP version 1.4, enhancing asynchronous operations, key import/export, supporting PKCS #12, and adding numerous cryptographic and operational extensions.
|
2016 |
Key Management Interoperability Protocol
KMIP version 1.4 released, enhancing asynchronous operations, key import/export, adding support for PKCS #12, standardizing key wrapping, and introducing multiple cryptographic and attribute-related extensions.
|
June 2016 |
Forward secrecy
At WWDC, Apple announced App Transport Security (ATS), which requires encryption ciphers providing forward secrecy for iOS apps.
|
January 2016 |
Key size
NSA launched the Commercial National Security Algorithm Suite (CNSA 1.0), establishing initial quantum-resistant cryptographic standards.
|
2015 |
Key size
NIST updated recommendations to a minimum of 2048-bit keys for RSA. The NSA announced plans to transition to quantum-resistant algorithms by 2024.
|
2015 |
Key Management Interoperability Protocol
KMIP version 1.3 released, featuring Streaming Cryptographic Operations, Client Registration, Locate offset/Limit, Template Deprecation, RNG queries, and other improvements.
|
May 2015 |
Certificate authority
Netcraft reported that three certificate authorities (Symantec, Comodo, GoDaddy) account for three-quarters of all issued TLS certificates on public-facing web servers, with Symantec holding the top spot.
|
April 1 2015 |
Certificate authority
Baseline Requirements v1.3.0 introduced, reducing maximum certificate lifetime to 39 months.
|
2014 |
Key Management Interoperability Protocol
Started tracking normalized test cases and profile tests for KMIP interop participants with multiple years of participation.
|
November 18 2014 |
Certificate authority
A group of companies and nonprofit organizations, including the Electronic Frontier Foundation, Mozilla, Cisco, and Akamai, announced Let's Encrypt, a nonprofit certificate authority that provides free domain validated X.509 certificates.
|
July 2014 |
Forward secrecy
Wikimedia Foundation wikis began providing forward secrecy to users.
|
June 2014 |
Key Management Interoperability Protocol
KMIP version 1.2 released, adding Cryptographic Operations (Encrypt, Decrypt, Sign) and introducing Profiles, including Application Identifiers for tape libraries.
|
November 2013 |
Forward secrecy
Twitter implemented forward secrecy with TLS for its users.
|
February 2013 |
Certificate authority
Certificate Authority Security Council (CASC) was founded as an industry advocacy organization dedicated to addressing industry issues and educating the public on internet security, with the seven largest Certificate Authorities as founding members.
|
February 2013 | Certificate Authority Security Council (CASC) was formed to promote CA/Browser Forum standards, with founding members including Comodo CA, Symantec, Trend Micro, DigiCert, Entrust, GlobalSign, and GoDaddy. |
January 2013 | CA/Browser Forum's first 'Network and Certificate System Security Requirements' took effect, defining best practices for protecting CA networks and supporting systems. |
January 2013 |
Key Management Interoperability Protocol
KMIP version 1.1 released, introducing minor updates to the protocol.
|
August 2012 |
Texas Instruments signing key controversy
The RSA Lattice Siever (RSALS) distributed computing project, which had been active for nearly three years and factored over 400 integers, transitioned to RSALS-inspired NFS@home.
|
We are only showing the most recent entries for this topic. |
The contents of the box above are based on material from the Wikipedia articles Key size, Key server (cryptographic), Certificate authority, Texas Instruments signing key controversy, Key Management Interoperability Protocol, Forward secrecy, CA/Browser Forum, Public key certificate, Extended Validation Certificate & Qualified website authentication certificate, which are released under the Creative Commons Attribution-ShareAlike 4.0 International License.