04 Feb 2018 | 16 minute read
I was reading Hackernews the other day when I came upon the following tweet: which made me curious to quantify exactly how many and which sites will have their trust removed. This blog post answers these questions by writing a scanner to detect bad Symantec certificates (using the same logic Google Chrome uses), and running it against the Alexa Top 1 Million sites. But first, some context.
Continue reading "Quantifying Untrusted Symantec Certificates" →
26 Jan 2018 | 9 minute read
This post describes the steps needed to deploy Certbot (a well-maintained LetsEncrypt/ACME client) inside AWS Lambda. The setup used below is now powering 100% automated TLS certificate renewals for this website - the lambda runs once a day and if there’s less than 30 days remaining on my existing cert it will provision a new one and import it to be served by my CDN.
Continue reading "Deploying EFF's Certbot in AWS Lambda" →