TWIET 399: DNS Over SSL and Fighting Misinformation

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

1 Like

We just went through a fire drill at work because the certificate provider for InCommon (an academic federation) had one of their intermediaries expire due to an expiring root. Unfortunately, their utilities were giving us only the expiring root in the CA Bundle file right up to a month before the old root expired. We didn’t have to re-issue the certificates, but we had to ensure our servers (and some clients) were emitting and using the alternative intermediary.

This just points out that we still need good patch management for devices. It seems like it’s too often an afterthought - hence @Leo and Steve’s assertion about the “s” in IoT. How are you going to know if your milk is expiring in the LG Fancy Internet Connected Fridge 2015 if it can’t get to the Internet anymore in 2020 due to a lack of simple Operations and Maintenance?

1 Like