In the recent past, web security has undergone a series of upgrade to more secure strategies advocating the use of HTTPS encryption features. In November 2017, Google announced that they will implement some changes in their Chrome web browser. True to their word, Google released Chrome 68 in July this year. The browser comes with an additional feature that marks any HTTP site as insecure, with… [read more →]
The London protocol refers to a treaty or agreement signed in London. One such agreement was recently signed with the aim of minimizing phishing activities on identity websites and improving management assurance. The protocol was launched by the Certificate Authority Council (CASC). A rise in phishing attacks motivated CASC certificate authorities to develop the London protocol. The objective of… [read more →]
Currently there is a lot of talk and upset customers in the online security field due to over 23,000 Certificate suddenly being revoked. Below is an outline of the events within the last month leading to this event. On February 2nd an official at DigiCert received a request from Trustico to revoke over 50,000 Certificates that had been issued through the reseller Trustico. DigiCert then needed to… [read more →]
At the moment you can purchase a 1,2 or 3 year term for new and renewal SSL Certificates. This will soon be changing with the CAB Forum Ballot 193. The CAB Forum is the governing body that sets many rules and guidelines for the issuance of SSL Certificates. It is comprised of a group of leading individuals from Certificate Authorities and Browsers. On March 1st, 2017 they released the document… [read more →]
As of October 31st 2017 DigiCert completed the acquisition of Symantec’s Certificate Authority business. This also includes GeoTrust, Thawte and RapidSSL. This acquisition came about after google announced they will be distrusting Symantec Certificates ( only certificates issued prior to December 1st 2017 ) due to questionable website authentication certificates issued by Symantec Corporation’s PKI… [read more →]
To help web users browse websites more safely, Google Chrome displays a lock icon in the address bar to indicate a website secured by an SSL Certificate ( HTTPS ). Google Chrome had not shown HTTP connections as non-secure until January 2017; This is when Google started to push updates to their chrome browser to better indicated to their users if a website is secure or not. If a web page collects… [read more →]
The CA/B Browser forum has announced that all the SSL certificates granted for Internal Server names will be revoked before October 26th 2015. As a result, IP addresses or intranet names can no longer be used as the primary domain names or Subject Alternative Names (SANs). Therefore, it is going to be virtually impossible for you to procure SSL certificates for host names if you can’t verify it e… [read more →]