A recent CA/Browser Forum ballot sponsored by Google stands to limit SSL certificate lifespans to 397 days starting in March 2020. Should this pass, organizations using two-year SSL certificates will need to change their practices to only one-year certificates moving forward. Fortunately, automation options are available.
Homes and businesses worldwide are vulnerable to attacks from cyber thieves and other bad actors – and not just through their computer networks. The embedded electronics inside appliances present an easy path of entry. It’s already happened.
The Root Causes podcast explores the important issues behind today’s world of PKI, online trust, and digital certificates. In this episode hosts Jason Soroko and Tim Callan discuss the ins and outs of random numbers including their importance in cryptography, the extreme difficulty of generating truly unpredictable numerical values, and the bad consequences that can ensue when you don’t.
New research from Georgia Tech’s Cyber Forensics Innovation (CyFI) Lab on the topic of Extended Validation (EV) SSL and online criminal actors reveals that domains with EV SSL certificates are 99.99% likely to be unassociated with bad cyber actors. CyFI studied 2.6 million domains associated with EV SSL to arrive at these results.
An article from yesterday incorrectly calls Comodo an issuer of SSL certificates. Comodo has not been in the digital certificate business since 2017, when Sectigo spun out as its own business.
The process for a Certificate Authority to issue an Extended Validation (EV) SSL certificate is more stringent than with DV or OV certificates. The CA follows a process based on CA/Browser Forum guidelines.
In its upcoming build 70, Firefox will incorporate a “Not Secure” warning for non-SSL pages. This warning will appear to the left of the address, where the company-branded green address bar appears on sites with EV SSL certificates.
We are here for you!
Talk to a fellow human.
