Certificate Reputation

Posted on March 28, 2014 (0 comments)

One of the advantages of having multiple certification authorities (CAs) from which to choose an SSL certificate is that customers have flexibility to choose a CA that meets their specific needs, or even use a number of CAs for redundancy or to have access to a broader toolset. The disadvantage for end users, however, is that they often may not know if a particular CA was authorized to issue the certificate, and there could be a chance that the certificate was fraudulently obtained. Security experts have come out with proposals to allow domain owners to authorize CAs (Certification Authority...


When to Choose an Extended Validation Certificate

Posted on March 25, 2014 (0 comments)

In our last post, we made a case for using Organizationally Validated (OV) or Extended Validation (EV) certificates for e-commerce, but we didn’t go into detail about the differences between OV and EV. EV certificates provide the highest level of assurance about your business, and they visually indicate this to your site’s visitors. The telltale sign that a business has obtained an EV certificate for their website is commonly referred to as the “green bar” displayed in the browser. The exact form of the indicator varies in different desktop and mobile browsers, but is...


CA Security Council Members Presentation at RSA 2014 Conference: New Ideas on CAA, CT, and Public Key Pinning for a Safer Internet

Posted on March 17, 2014 (0 comments)

CA Security Council (CASC) members Trend Micro, Go Daddy, and Symantec participated in a discussion panel at the 2014 RSA Conference in San Francisco on February 24 entitled “New Ideas on CAA, CT, and Public Key Pinning for a Safer Internet.” Panel members included Kirk Hall of Trend Micro (Moderator), Wayne Thayer of GoDaddy (Panelist), and Rick Andrews of Symantec (Panelist).

Introduction to the Topic

Hall began by introducing the topic – all three alternative technologies (Certificate Transparency or CT, Certificate Authority Authorization or CAA, and Certificate Pinning)...


Think Twice Before Using DV for E-Commerce

Posted on March 12, 2014 (3 comments)

In a previous blog (What Are the Different Types of SSL Certificates?), we described the various types of SSL certificates available from publicly trusted Certificate Authorities (CAs). CAs are often asked by their customers which certificate type should be used for websites conducting E-Commerce, rather than for just encryption of sensitive data. For the latter case, a Domain Validated (DV) certificate will work fine. A DV cert allows for encryption to take place between the browser and the server. However, because DV certificates do not contain any identification information, they SHOULD...
