December 2018 Archives

Was the root cause of the O2 outage really an expired certificate?

Why wasn't the "root cause" any of these?

  • Certificate expiration not monitored
  • Certificate renewal process complex so that everyone hopes someone else fixes it
  • Certificate renewal is so rare, we aren't good at doing it
  • Deploying new certificates manual and error-prone
  • Vendor did not document all periodic maintenance requirements
  • Soon-to-expire certs not logged
  • Logging for each component an island onto itself

The reason, dear reader, is that there is no such thing as a single "root cause". There are only contributing factors.

When will the industry learn?

Posted by Tom Limoncelli

 
  • Don't Miss Out - Register Today