Client Authentication EKU Phased Out

This blogpost addresses the upcoming changes regarding the removal of Client Authentication Extended Key Usage (EKU) from publicly trusted SSL/TLS certificates, a shift driven by security concerns and the need for clearer roles in cryptographic operations.

PKI

PKI Nothing published yet! Read More » 19 August 2025

S/MIME

S/MIME S/MIME S/MIME S/MIME Read More » 4 September 2025 S/MIME certificates seem not trusted Read More » 9 March 2023 Outlook is unable to send an encrypted email to recipients in my company Read More » 10 March 2023 Apple Mail cannot verify the digital signature, why?? Read More » 10 March 2023 What’s […]

Breaking News: Prepare for 47-Day SSL/TLS Certificates

The CA/Browser Forum Ballot for drastically reducing the maximum lifespan of publicly trusted SSL/TLS certificates has officially passed. Read in this blog post what actions you need to take to ensure you are prepared for this.

DNS CAA S/MIME Resource Check 2025 Required

Starting March 13, 2025 CA’s such as DigiCert will start checking CAA resource records before issuing a Secure Email (S/MIME) certificate with a mailbox address. Read how to check and why this CAA S/MIME resource check is needed.