CASC Happenings at RSA

Posted by on February 25, 2013 2 comments

We are excited to have members of the CASC attending and speaking at this year’s RSA Conference. The events and panels will cover various topics that revolve around the security of the Internet and CAs as a whole. You can follow the CASC on Twitter for more information and news at @CertCouncil, as well as see some of the presentations after the events on our SlideShare page. Please join us for the following CASC member events:   Tuesday, February 26, 2013, 2:30-3:30 PM, Room 304 TECH-T18 – Alternatives to Certification Authorities for a Secure Web Moderator(s): CASC...

Read More

OCSP Stapling: Improved Performance and Security, a Win-Win

Posted by on February 14, 2013 1 comment

The launch of the CASC has given its members a unique platform through which we can educate users about online security and the best practices in utilizing SSL. That’s why we’ve decided to pair the group’s launch with a focused effort on OCSP stapling. Why OCSP stapling? For one, stapling is already supported by IIS and the newest versions of Apache and nginx. Although server software does not enable OCSP by default, servers can be re-configured with a little education. OCSP stapling is a significant improvement on traditional CRLs and OCSP revocation mechanisms because it...

Read More

Certificate Revocation and OCSP Stapling

Posted by on February 14, 2013 1 comment

Revocation As a body of global CAs, the CA Security Council is committed to educating server administrators, end-users and other interested parties about SSL enhancements and best practices that can better protect everyone. An important initiative that can make a practical difference right now is addressing easily implemented improvements to certificate status services that handle revocation of invalid or expired certificates, specifically the implementation of OCSP stapling. What is certificate revocation? Certificate revocation is an important component of assuring SSL does its job and...

Read More

World’s Leading Certificate Authorities Come Together to Advance Internet Security and the Trusted SSL Ecosystem

Posted by on February 14, 2013 1 comment

San Francisco, CA. – February 14, 2013 – Leading global certificate authorities announced the creation of the Certificate Authority Security Council (CASC), an advocacy group, committed to the exploration and promotion of best practices that advance the security of websites and online transactions. Through public education, collaboration, and advocacy, the CASC strives to improve understanding of critical policies and their potential impact on the internet infrastructure. Members of the CASC include Comodo, DigiCert, Entrust, GlobalSign, Go Daddy, Symantec, and Trend Micro. Click...

Read More

CAs Unite

Posted by on February 14, 2013 0 comments

Today marks an important day for internet security and future SSL enhancements, as the world’s seven largest publicly trusted Certificate Authorities are announcing the formation of the Certificate Authority Security Council. While leading CAs have worked together for years to address security challenges and meet them with evolving and increasingly strict standards and best practices through the CA/Browser Forum and other industry venues, we’ve lacked a union where we can come together and speak with a unified CA voice. The CASC will do just that. While not a standards-setting...

Read More