Expert SSL & Web Security News, Articles & Advice | Sectigo Blog

Be Prepared for One-Year SSL Certificate Duration

by Tim Callan, Senior Fellow, Sectigo

A recent CA/Browser Forum ballot sponsored by Google stands to limit SSL certificate lifespans to 397 days starting in March 2020. Should this pass, organizations using two-year SSL certificates will need to change their practices to only one-year certificates moving forward. Fortunately, automation options are available.

When Refrigerators Attack - How Cyber Criminals Infect Appliances, and How Manufacturers Can Stop Them

by Alan Grau, VP of IoT, Embedded Systems, Sectigo

Homes and businesses worldwide are vulnerable to attacks from cyber thieves and other bad actors – and not just through their computer networks. The embedded electronics inside appliances present an easy path of entry. It’s already happened.

Root Causes Podcast - Entropy and Random Numbers

by Jason Soroko, CTO of IoT, and Tim Callan, Senior Fellow

The Root Causes podcast explores the important issues behind today’s world of PKI, online trust, and digital certificates. In this episode hosts Jason Soroko and Tim Callan discuss the ins and outs of random numbers including their importance in cryptography, the extreme difficulty of generating truly unpredictable numerical values, and the bad consequences that can ensue when you don’t.

New Research on EV SSL Security from Georgia Tech: EV Domains 99.99% Free of Online Crime

by Tim Callan, Senior Fellow, Sectigo

New research from Georgia Tech’s Cyber Forensics Innovation (CyFI) Lab on the topic of Extended Validation (EV) SSL and online criminal actors reveals that domains with EV SSL certificates are 99.99% likely to be unassociated with bad cyber actors. CyFI studied 2.6 million domains associated with EV SSL to arrive at these results.

Attention Journalists and Researchers: Don't Confuse Comodo with Sectigo

by Tim Callan, Senior Fellow, Sectigo

An article from yesterday incorrectly calls Comodo an issuer of SSL certificates. Comodo has not been in the digital certificate business since 2017, when Sectigo spun out as its own business.

EV Fallacies Debunked - "This Other Site Isn’t Using EV So I Shouldn’t Either"

by Tim Callan, Senior Fellow

One logical fallacy that frequently occurs when evaluating Extended Validation is to assume that if some other site is not using EV SSL, that means you shouldn't either. Read on to learn why this reasoning is a dangerous fallacy.

Seven Steps to EV SSL Issuance

by Liza Colburn, Director of Communications, Sectigo

The process for a Certificate Authority to issue an Extended Validation (EV) SSL certificate is more stringent than with DV or OV certificates. The CA follows a process based on CA/Browser Forum guidelines.

Firefox to Add “Not Secure” Warning to Non-SSL Pages

by Tim Callan, Senior Fellow, Sectigo

In its upcoming build 70, Firefox will incorporate a “Not Secure” warning for non-SSL pages. This warning will appear to the left of the address, where the company-branded green address bar appears on sites with EV SSL certificates.

Sectigo Blog

Chat With Us

United States

International

Chat With Us

United States

International

Chat With Us

United States

International