RunAs Radio

The 47-day certificate is coming! While at NDC in Toronto, Richard received an update from Todd Gardner about his show last year: certificate authorities are moving toward SSL certificates that last only 47 days! Todd talks about the first decrease in duration that has already passed - as of March 2026, the longest duration certificate you can buy from certificate authorities is 200 days. At the core of these changes is the problem that certificate revocation just isn't working properly, so a short certificate lifespan is the effective solution. Short certificate lifespans make automation to replace certificates essential - and that's where CertKit and other tools come in!

Links

Lets Encrypt

ACME Client Implementations

CertKit

Apple's 398 Day Rule

Microsoft SHA-1 Retirement

Google Transparency Logs

Perfect Forward Secrecy

Recorded May 8, 2026

What can go wrong with machine learning? While at NDC in Toronto, Richard chatted with Megan Robertson about her experience with machine learning projects, often using retail datasets, and where they can go wrong. Megan talks about getting clear expectations and metrics for projects, so you know when you succeed, but then digs into the specifics of problems in machine learning, such as overfitting on test data. Your results are only as good as the data you put in, so a lot of focus goes into building good sets, carefully developing the model with those sets, and using techniques like cross-validation to ensure the model is behaving appropriately. There's a lot that can go wrong, but the results with an effective model can be very powerful - it is worth the effort!

Links

Cross Validate Model

Megan's Website

Recorded May 7, 2026

How do you intelligently surface access to your database? While at NDC Toronto, Richard spoke with Jerry Nixon about Data API Builder, Microsoft's tool that enables data professionals using Microsoft databases, including SQL Server, Postgres, CosmosDB, and MySQL, to provide an API layer with security, schema extraction, and governance policies. You can expose the API as a REST interface, a GraphQL interface, and an MCP server! This is a powerful tool for providing controlled access to data while still allowing for ad-hoc access. The potential is huge - you need to check it out!

Links

Data API Builder

GraphQL

Recorded May 7, 2026

How can Microsoft Loop make your team more productive? Richard chats with Karinne Bessette about the role that Loop components can play in making meetings where the agenda is live, generating work items in Microsoft Planner, and keeping key information up to date. Karinne talks about how Loop components can be connected to any M365 document, including Outlook, Word, Excel, and OneNote, but only for members of the M365 tenant. Loop is a powerful tool for productivity within the organization!

Links

Microsoft Loop

Microsoft Planner

Microsoft OneNote

Power Automate

Loop Components in OneNote

Teams Polls

Polls in Loop

Loop Admin Policies

Recorded April 27, 2026

The original Secure Boot certificate expires in June 2026! Richard talks to Richard Hicks about how Secure Boot works and how the expiration of the master certificate can leave PCs vulnerable to boot-related malware, such as rootkits. Richard discusses recent Microsoft communications on SecureBoot and how to check which certificate your machines have. Workstations using managed updates are likely already up to date, but servers are a different issue. When the certificate expires, you'll no longer receive updates to Secure Boot for known exploits, leaving your machines vulnerable. Update today!

Links

Secure Boot Certificates Expiring

Sony Rootkit Scandal

Secure Boot Playbook for Windows Client

Windows Update Management

Registry Key Updates for Secure Boot

Richard's Blog Post on Secure Boot EUFI Certificates Expiring

Get-UEFICertificate in PowerShell Gallery

Recorded March 9, 2026