The PKI Consortium invites researchers, practitioners, and industry leaders to submit abstracts for the PQC Conference 2025 in Kuala Lumpur, Malaysia. This hybrid event (October 28-30, 2025) will focus on the status and practical implementation of post-quantum cryptography across strategic and technical dimensions.| PKI Consortium
Over two days of intensive programming, experts delivered compelling presentations and engaged in insightful panel discussions, both in plenary sessions and concurrent breakout tracks. This year, the focus shifted decisively from theoretical exploration to concrete, actionable steps for implementing quantum-safe cryptography. The key takeaway was clear: delay poses the greatest risk, and immediate action is essential to achieve quantum resilience.| PKI Consortium
Join us on January 15 and 16, 2025, at the Thompson Conference Center, University of Texas, Austin for the third Post-Quantum Cryptography Conference. Explore the future of cryptography with industry leaders, technical experts, and decision-makers from across the globe.| PKI Consortium
Ongoing efforts to deploy PQ/hybrid KEMs as drop-in replacements for current mechanisms are well-tested and crucial for protecting information and identity in the near future. On the other hand, PQ signatures remain an unsolved problem - at least in terms of being drop-in replacements for ECC/RSA.| Blog on PKI Consortium
The PKI Consortium is managing a a list of cryptographic devices that includes support for remote key attestations, without endorsing their implementation or quality.| Blog on PKI Consortium
We would like to thank and also invite Apple to work more closely with organizations such as the CA/Browser Forum, ETSI and the PKI Consortium to address its concerns, work towards harmonization of policies and to support standardized automation in its software before making any changes on its own. This is because unilaterally enforced policies, especially those that go beyond your own root program, can have a disproportionate impact on PKI implementations, its relying parties and the entire ...| Blog on PKI Consortium
The PKI Consortium is curating a global List of Trust Lists (a curated list of root, intermediate or issuing CA certificates accepted by a public, private, industry, or solution-specific PKI), one that is not limited to a specific purpose, region, or size, and is open to anyone to contribute.| Blog on PKI Consortium
The PKI Consortium is collecting information (and looking for contributions) on how or if solutions provide a method to prove to a remote party that a private key was generated, managed inside, and not exportable from, a hardware cryptographic module.| Blog on PKI Consortium
As we settle into month two of isolation in the world’s collective battle against the COVID-19 pandemic, one talking point you’ve undoubtedly heard time and again is that this won’t truly be over until there’s a vaccine. A post about how quantum computing could simplify it and reduce the time it takes exponentially.| Blog on PKI Consortium
With secure HTTP — aka HTTPS (the “S” is short for “secure”) — swiftly becoming universal on the Internet, it is important to know how to configure HTTPS for your website the right way. The payoff for properly securing your website has many benefits.| Blog on PKI Consortium
A popular saying goes: “Trust takes years to build, seconds to break, and forever to repair.” While I wouldn’t completely agree, the idea isn’t wrong. In real life trust between two parties is established over some period of time, depending on a variety of factors. Have you ever wondered why you initially trust some people more and others less, even if you’ve never met them before? There are a complicated multitude of factors that influence our thoughts: the person’s appearance, t...| Blog on PKI Consortium
In a phased approach, Chrome plans to block mixed content on secure websites to improve user security. Most browsers already block some mixed content such as scripts and iframes by default. Chrome is amping it up by gradually taking steps to also block images, audio recordings and videos, according to a recent Google Security blog. Preventing mixed content to load will eventually result in HTTPS websites losing their security indicator downgrading the site to HTTP, which alerts visitors th...| Blog on PKI Consortium
It’s time for the CA/Browser Forum to focus on the other half of its mandate Let’s have a candid discussion about Extended Validation SSL. What’s working. What’s NOT. And what can be done to fix it so that all parties involved are satisfied. But first, let’s zoom out and talk big picture. The vast majority of website owners almost never think of SSL. They worry about it once every year or so when it needs to be replaced, but it’s not really a major point of consideration.| Blog on PKI Consortium
The purpose of this article The purpose of this article is to demonstrate why I believe browser-based UI for website identity can make the web safer for everyone. I explain in great detail, the reasons why the UI and UX didn’t work in the past. And what’s left is only making the problem worse instead of better. Some people seem to find it difficult to consume my thoughts about the enforcement of “HTTPS EVERYWHERE”, free DV certs and the browser padlock.| Blog on PKI Consortium
You can’t have consumer privacy without having strong website identity Today there’s a huge wave toward protecting consumer privacy – in Congress, with the GDPR, etc. – but how can we protect user privacy on the web without establishing the identity of the websites that are asking for consumer passwords and credit card numbers? Extended Validation (EV) certificates provide this information and can be very useful for consumers. Recently, Google and Mozilla have announced plan to elimin...| Blog on PKI Consortium
Join us on November 7 and 8, either in-person at the Meervaart in Amsterdam or remotely online. Explore the forefront of Post-Quantum Cryptography with renowned speakers from NIST, ENISA, BSI, and more. Registration is free and open to all, not limited to PKI Consortium members.| pkic.org
The PKI Consortium, a dynamic alliance dedicated to enhancing trust and security within the digital landscape, proudly announces the preview release of its pioneering PKI Maturity Model. A collaborative effort by the PKI Maturity Model Working Group, this model will revolutionize the way organizations can plan, evaluate, and compare Public Key Infrastructure (PKI) implementations.| pkic.org
Call for Presentations We are pleased to announce that we are currently welcoming submissions for presentation proposals at the upcoming PKI Consortium’s Post-Quantum Cryptography Conference. The conference will be held on November 7-8, 2023, in the vibrant city of Amsterdam, the Netherlands. We’re looking for speakers to share their expertise on a variety of topics related to Post-Quantum Cryptography. Speakers are expected to be physically present at the conference. Speakers are prohibi...| pkic.org
The PKI Consortium held its first Post-Quantum Cryptography conference on Friday March 3, in Ottawa, Canada. With a hundred attendees onsite and over six hundred attendees watching the live stream, it was a resounding success.| pkic.org
The PKI Consortium is managing a PQC Capabilities Matrix of software applications, libraries and hardware that includes support for Post-Quantum Cryptography, without endorsing their implementation or quality.| pkic.org
Speakers at this conference include some of the world’s top Post-Quantum Cryptography (PQC) experts and come from government science agencies, standards bodies, and private organizations at the forefront of this new challenge to digital security. Topics will cover the status of PQC standardization at NIST, ETSI, and IETF, government preparations, migration strategies, etc.| pkic.org
The PKI Consortium recently established the PKI Maturity Model Working Group to build a PKI maturity model that will be recognized around the globe as a standard for evaluation, planning, and comparison between different PKI implementations. In this blog post we will tell you more about why we are building the model and how you can contribute to it.| pkic.org
On 26 January PKI Consortium and ETSI signed a Memorandum of Understanding (MoU) to structure and strengthen the relationship between both organizations and foster a closer relationship.| pkic.org
The PKI Consortium publishes initial draft of the PKI maturity model with related resources to help the industry build mature and future proof PKI including guidelines on how to evaluate the assessment and provide reporting to relying parties. The PKI maturity model is recognized as a standard for evaluation, planning, and comparison between different PKI implementations. In this blog post we are going to introduce the model.| PKI Consortium
Over the years, the need for private, industry, or solution-specific PKI has grown significantly, with stricter policies and the revocation of certificates and CAs becoming more common. The impact of changes in centralized PKI have caused delays and disruption of third-party services that may or may not have been considered. Any PKI (public, private, or specific) must operate according to best practices, clear policies and without a single point of failure.| pkic.org
Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.| pkic.org
Code Signing Certificates demand a price premium in the underground online marketplace. This is no surprise considering that criminals sometimes use them to dupe their potential victims into installing malware in their machine.| pkic.org
Quantum computing is advancing, and while experts are not sure when there will be a quantum computer powerful enough to break the RSA and ECC cryptographic algorithms that are currently in use, many are operating under the assumption that this can happen within a 10-15 year timeframe.| pkic.org
When it comes to protecting an organization’s data and users, CISOs have no shortage of hurdles. Identity attacks have become sophisticated and convincing, thanks to ransomware, phishing and deep fakes. CISOs have long known the importance of strong identification and authentication controls, but with threats constantly changing and intensifying, having these controls in place is just one piece of the puzzle; they must be managed correctly in order to do their job.| pkic.org
A whirlwind of activity will cause dramatic shifts across the PKI world in the year ahead Suffice it to say that 2019 was filled with challenges and contentiousness as Certificate Authorities and Browsers began to watch their shared visions diverge. The debate around Extended Validation continued as CAs pushed for a range of reforms and browsers pushed to strip its visual indicators. And a ballot to shorten maximum certificate validity periods exposed fault-lines at the CAB Forum.| pkic.org
