CEO Blog

A virtual club to communicate with peers and users in the cryptographic industry
Meet friends on blog, it is my mission to popularize cryptographic knowledge, cryptographic application and zero trust ideas.

  • Recommended
  • 密码讲堂
  • 网站安全
  • 国密证书自动化管理
  • 国密证书透明
  • 零信浏览器
  • SSL 证书
  • 零信任
  • 定制中级根
  • 身份可信
  • 其它
    • Google wants to “Move together” or “Remove” other CAs?

    Google wants to “Move together” or “Remove” other CAs?

    This article gives a solution to Google's plan to shorten the validity period of SSL certificates to 90 days. This solution is not ACME Client software, but the SM2 ACME Gateway hardware and SM2 ACME Cloud service. This is the only feasible solution.

    March 14, 2023Read more
    Is China ready for the SSL certificate “broken supply”?

    Is China ready for the SSL certificate “broken supply”?

    The RSA SSL certificate has been revoked and “broken supply” in Russia after the Russia-Ukraine conflict. This extreme situation is very likely that one day in the future will also occur in China! So, is China ready for emergency preparations? This article gives an accurate answer!

    November 04, 2022Read more
    SM2 Certificate Transparecncy ensure the security of SM2 SSL certificates

    SM2 Certificate Transparecncy ensure the security of SM2 SSL certificates

    The Certificate Transparency mechanism has successfully protected the security of 7.4 billion globally trusted SSL certificates. Can we learn from this mechanism to ensure the security of the SM2 SSL certificates? The answer is YES, definitely! That is the SM2 Certificate Transparency mechanism.

    September 30, 2022Read more
    China online banking start to use SM2 algorithm https encryption

    China online banking start to use SM2 algorithm https encryption

    The Russia-Ukraine conflict caused the RSA SSL certificate deployed by Russia’s online banking to be revoked, and all users cannot access the online banking system normally. China's online banking systems are also deployed RSA SSL certificate that may be revoked at any time. How to prevent the risk of revoking, the Bank of China has given the correct answer.

    August 01, 2022Read more
    Re-understanding SSL certificate

    Re-understanding SSL certificate

    The DV SSL certificate, which only validates the domain name control, has accounted for 83.43% of the SSL certificate. The SSL certificate has been out of shape and turned into an encryption tool, and the original intention of proving the identity of the website has been lost. What to do? Does the trusted identity of a website no longer matter?

    June 06, 2022Read more
    SSL certificate deployment must be "One machine, One certificate"

    SSL certificate deployment must be "One machine, One certificate"

    This is a security issue that all websites’ administrators tend to ignore or do not think of when deploying SSL certificates, but it is very important. Therefore, the author thinks it is necessary to write a blog post on this matter, do not miss.

    May 23, 2022Read more
    Mobile App https encryption guideline

    Mobile App https encryption guideline

    Mobile Internet users have surpassed PC Internet users, which is a big challenge for mobile App security without a unified development standard. How to use https encryption as securely as a browser, this article is worth reading, don't miss it!

    April 22, 2022Read more
    "Three misunderstandings of SSL certificate" continuance

    "Three misunderstandings of SSL certificate" continuance

    The author published "Three Misunderstandings of SSL Certificate" in the "China Computer World" newspaper 18 years ago. Today, 18 years later, there are still some misunderstandings about SSL certificates, especially the misunderstanding of SM2 SSL certificate, so the author writes a continuance.

    March 21, 2022Read more