@KeyfactorComm profile picture
Keyfactor Community @KeyfactorComm

As a pioneer in open-source cryptography, PKI, and signing, we offer Bouncy Castle cryptographic APIs, EJBCA, and SignServer as free and open source software.

Joined September 2011
  • Tweets 1,128
  • Following 264
  • Followers 1,218
654 Photos and videos
Entropy = Security In this #KEYMASTER, David Hook (Bouncy Castle) & Sven Rajala reveal why randomness is the lifeblood of crypto, and why FIPS says “fail loudly” if it is compromised. Weak entropy = predictable keys = broken security. Read&Watch: ejbca.org/resources/keymaste…
1
103
Big News: Bouncy Castle is now a CVE Numbering Authority (CNA)! This milestone puts us at the heart of the global effort to make vulnerability disclosure faster, more transparent, and more secure. 🔗 Read more: bouncycastle.org/resources/b… #CNA #CVE #SBOM #SupplyChainSecurity #AppSec

Bouncy Castle Joins the CVE Program as a Numbering Authority (CNA) - Bouncycastle

Bouncy Castle is an authorized CVE Numbering Authority (CNA).

bouncycastle.org
1
2
186
Keyfactor Community retweeted
CVE Announcements@CVEannounce
5 Aug 2025
Legion of the Bouncy Castle is now a CVE Numbering Authority (CNA) assigning CVE IDs for Legion of the Bouncy Castle issues only cve.org/Media/News/item/news… #cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity #opensource @CVEnew
New CVE Program Partner

ALT New CVE Program Partner
2
2
610
Patch releases are now allowed for FIPS-certified Bouncy Castle modules! Thanks to a FedRAMP policy, you can now patch CVEs without breaking compliance—as long as crypto functions stay unchanged. First up: BC Java FIPS 2.1.1 Read more: bouncycastle.org/resources/p…

Patch Releases Now Permitted for FIPS-Certified Bouncy Castle Java and C# .NET - Bouncycastle

To align with updated FedRAMP compliance guidance, we are introducing an “update stream” for Bouncy Castle FIPS-certified modules. This stream will allow timely patching of vulnerabilities (e.g.,...

bouncycastle.org
1
67
We are excited to share that the Bouncy Castle Jentropy Engine has officially received Entropy Source Validation (ESV) certification from NIST! Read More and Download: bouncycastle.org/resources/b…
1
1
88
New Release Alert! Bouncy Castle updates: Java 1.81 & C# .NET 2.6.1 Dive into the future of cryptography: bouncycastle.org/resources/b… #PostQuantum #BouncyCastle #IoTSecurity #CryptoAgility #OpenSourceCrypto
1
137
In this #KEYMASTER episode, @Keyfactor’s Sven Rajala is joined by PKI expert Mike Kushner to explore how certificate linting, a practice borrowed from the public web PKI world, helps catch issues before certificates are issued. Read more and watch: ejbca.org/resources/keymaste… #PKI
1
2
117
Ephemeral certs: not new, just better understood. Sven & Tomas unpack short-lived certs. Use cases? Service meshes, keyless signing, IoT scale. Read and Watch on YouTube: ejbca.org/resources/keymaste… #PKI #DevSecOps
1
2
145
Now that #PQC Readiness is in the spotlight, what about the HSMs? In this #KEYMASTER episode, Sven Rajala and Tomas Gustavsson discuss the current state of hardware security modules with PQC algorithms like LMS, ML-DSA, and ML-KEM. Watch now: ejbca.org/resources/keymaste…
2
2
97
When Are You PQC Ready? The journey to #post-quantum cryptography (#PQC) readiness is more than just adopting new algorithms. In this #KEYMASTER episode, Sven Rajala and Tomas Gustavsson explore what it truly means to be #PQC-ready. Watch now: ejbca.org/resources/keymaste…
1
118
Introducing Keyfactor for Developers – your all-in-one platform for PKI and signing security. Build, experiment, and scale – we have all the hands-on access and comprehensive resources to get you started. Learn more: keyfactor.com/keyfactor-for-…
1
3
114
Bringing Transparency to #SoftwareSupplyChains – In this #KEYMASTER episode, Fredrik Skogman from @GitHub and host Sven Rajala deep dive into #SLSA (Supply-chain Levels for Software Artifacts) and its role in Software Supply Chain #Security. Watch now: ejbca.org/resources/keymaste…
3
102
TUF Love: Securing Software Updates with #TheUpdateFramework. In this #KEYMASTER session, Fredrik Skogman, specializing in software supply chain security at @GitHub, shares valuable insights on #TUF with Sven Rajala. Watch now: ejbca.org/resources/keymaste…
1
101
The Evolving Landscape of SBOMs - In this episode of #KEYMASTER, Olle E Johansson joins Sven Rajala to explore Software Bill of Materials (SBOMs)—a critical yet complex tool for software security. Watch now: ejbca.org/resources/keymaste…
1
110
ERCE? Never heard of it? Don’t worry, you are not alone. ERCE is actually the Easy Rest Client for EJBCA, and it just got some nice updates! Join us Live on our next YouTube session: ejbca.org/resources/live-on-…

Live on YouTube! ERCE - It's been a while, what's new, and don't stress - EJBCA

Erce is an open-source REST Client for EJBCA PKI. Its purpose is to act as a REST-based alternative to the EJBCA CLI and other enrollment protocols such as SCEP and CMP in environments where the UI...

ejbca.org
1
1
121
Key Archival and Recovery are crucial for PKI, enabling secure key recovery while ensuring compliance. Join Sven & Joey in this #KEYMASTER session—learn more and watch: ejbca.org/resources/keymaste… #EJBCA
1
1
112
Happy Friday! We have released a new version of Bouncy Castle Java featuring updates on PQC, lightweight cryptography, and more. bouncycastle.org/resources/p… #PQC #BouncyCastle #EncryptLikeItIs2030
1
113
Fresh KEYMASTER Episode Out Now! Join Florian Handke and Sven Rajala as they discuss Certificate Management for OPC UA and How the OPC UA Standard Enables Security in Industrial Environments. ejbca.org/resources/keymaste… #EJBCA #PKI
1
2
124
In this episode of #KEYMASTER, Tomas Gustavsson joins Sven Rajala, to uncover the hidden pitfalls of PKI in service mesh setups and how to overcome them. ejbca.org/resources/keymaste…
1
4
122
🎄Happy Holidays! 🎄In 2024, we connected online via videos and forums and IRL at the Stockholm Tech Meetup. Thanks, Tomas and David 👇. Let’s continue the conversation in 2025! This year we’re making a donation to EFF.org #PKI #PQC
1
100
Load more