CEO Blog

A virtual club to communicate with peers and users in the cryptographic industry
Meet friends on blog, it is my mission to popularize cryptographic knowledge, cryptographic application and zero trust ideas.

  • Recommended
  • 国密证书透明
  • SSL 证书
  • 零信任
  • 零信浏览器
  • 网站安全
  • 身份可信
  • 定制中级根
  • 其它
  • Who will secure the SM2 SSL certificates?

    Who will secure the SM2 SSL certificates?

    The Certificate Transparency mechanism has successfully protected the security of 7.4 billion globally trusted SSL certificates. Can we learn from this mechanism to ensure the security of the SM2 SSL certificates? The answer is YES, definitely! That is the SM2 Certificate Transparency mechanism.

    September 30, 2022Read more
    Certificate Transparency is zero trust to SSL certificate issuance

    Certificate Transparency is zero trust to SSL certificate issuance

    To issue an SSL certificate, user must first verify the domain name control. However, what if the CA system maliciously or mistakenly issues an unverified SSL certificate for a domain name? The certificate transparency mechanism designed by Google is to solve this problem, and it is a zero trust to the CA system and the certificate issuance behavior.

    September 30, 2022Read more
    SM2 Certificate Transparency is a must to ensure the security of SM2 HTTPS encryption

    SM2 Certificate Transparency is a must to ensure the security of SM2 HTTPS encryption

    The SM2 certificate transparency mechanism, together with the website filing mechanism and the domain name registration real-name system that have been implemented in China, form a complete website security system from domain name registration (website birth) to website operation to website security (encryption), which will be truly powerful to ensure the security and controllability of China's websites and the Internet, each mechanism is indispensable.

    September 30, 2022Read more
    Who is securing the world’s 7.3 billion SSL certificates?

    Who is securing the world’s 7.3 billion SSL certificates?

    This is a question that everyone may not care about. To ensure the security of the website, it is necessary to apply for and deploy an SSL certificate. So, who is securing the global trusted SSL certificates? This article is easy to understand, the metaphor is appropriate, and it explains the certificate transparency clearly that worth reading!

    September 13, 2022Read more
    In-depth interpretation of the US Federal Zero Trust Strategy (1)

    In-depth interpretation of the US Federal Zero Trust Strategy (1)

    Through an in-depth interpretation of the network part of the "Federal Zero Trust Strategy", readers can understand that https encryption is the key principle of zero trust, rather than a one-sided understanding that zero trust is only the always verification of user identity.

    September 09, 2022Read more
    China online banking start to use SM2 algorithm https encryption

    China online banking start to use SM2 algorithm https encryption

    The Russia-Ukraine conflict caused the RSA SSL certificate deployed by Russia’s online banking to be revoked, and all users cannot access the online banking system normally. China's online banking systems are also deployed RSA SSL certificate that may be revoked at any time. How to prevent the risk of revoking, the Bank of China has given the correct answer.

    August 01, 2022Read more
    The third of three steps of zero trust security for websites: trusted identity validation

    The third of three steps of zero trust security for websites: trusted identity validation

    Zero trust is a security principle, it is also very suitable for website security. All browsers display HTTP websites as "Not secure," which is zero trust to websites that don't have a validated trusted identity. ZoTrus Website Security Cloud Service realizes HTTPS encryption, cloud WAF protection and trusted identity validation with one click, efficiently and quickly protects website security, and perfectly realizes the three steps of zero trust security for websites.

    June 24, 2022Read more
    The second of three steps of zero trust security for websites: cloud WAF protection

    The second of three steps of zero trust security for websites: cloud WAF protection

    Zero trust is a security principle, it is also very suitable for website security. Never trust every web connection, always verify, allow normal connections, and block malicious connections. ZoTrus Website Security Cloud Service is a one-click realization of cloud WAF protection, efficient and fast protection of website security, and the perfect realization of the second of three steps of zero trust security for websites.

    June 22, 2022Read more
    The first of three steps of zero trust security for websites: HTTPS encryption

    The first of three steps of zero trust security for websites: HTTPS encryption

    Zero trust is a security principle, it is also very suitable for website security. HTTPS encryption is zero trust to HTTP cleartext transmission. ZoTrus Website Security Cloud Service is a one-click implementation of HTTPS encryption, efficient and fast protection of website security, and the perfect realization of the first of three steps of zero trust security for websites.

    June 20, 2022Read more
    Popularize the application of SM2 SSL certificate, starting from popularizing the use of SM2 browser

    Popularize the application of SM2 SSL certificate, starting from popularizing the use of SM2 browser

    To popularize the application of the SM2 SSL certificate, we must first have a browser that supports the SM2 algorithm and popularize the use of SM2 browser. Browsers (including mobile Apps), SSL certificates and web servers all support the SM2 algorithm to setup a SM2 certificate application ecosystem.

    June 17, 2022Read more
    IE, Bye Bye! Green address bar, No Bye Bye!

    IE, Bye Bye! Green address bar, No Bye Bye!

    On June 15th, IE browser, which has served users for 27 years, officially said goodbye to global Internet users. The author will not complain about many things about IE browser. Let’s write something about miss IE browser.

    June 16, 2022Read more
    Edge cloud WAF has more technical advantages than central cloud WAF

    Edge cloud WAF has more technical advantages than central cloud WAF

    Website security requires https encryption and cloud WAF protection, but in order to improve user experience, CDN plus edge WAF protection is most needed. The rapid product iteration of ZoTrus Website Security Cloud Service only provides the most needed and best website security cloud service.

    June 15, 2022Read more
    Richard_wang

    Dear Readers,

    Since the subtitle of the CEO blog is “Meet friends on blog”, as a scientific and technological worker rather than a literato, please do not care whether the grammar of the blog post is correct, but whether the article can help you understand PKI technology, cryptographic and zero trust. I have 30 years of experience in the IT industry, including CA, cryptography, software development, Internet, Internet security etc. Over the years, I have participated in many important domestic and international academic conferences, to understand the differences between Chinese and Western cultures and the latest technological frontiers. And has published many academic articles in newspapers and periodicals. In company operation, the two companies I founded have been acquired by a public listed Internet security company, and one of them is a CA that had won the sixth place in the world in the SSL certificate market and the first in the Chinese market.

    I firmly believe that my article will bring value to readers both academically and company operation. thanks.

    Welcome to follow the official WeChat of ZoTrus: zotrus, which will push each new blog in real time, so that you will not miss every wonderful blog post.


    Dec. 20, 2021, in Shenzhen, China