In the Wake of Unauthorized Certificate Issuance by the Indian CA NIC, can Government CAs Still be Considered “Trusted Third Parties”?

Posted by on July 24, 2014 1 comment

Short answer: Government CAs can still be considered “trusted third parties,” provided that they follow the rules applicable to commercial CAs. Introduction On July 8 Google announced that it had discovered several unauthorized Google certificates issued by the National Informatics Centre of India. It noted that the Indian government CA’s certificates were in the Microsoft Root Store and used by programs on the Windows platform. The Firefox browser on Windows uses its own root store and didn’t have these CA certificates. Other platforms, such as Chrome OS, Android,...

Read More

What To Do When You Rely on Internal Names in TLS/SSL Certificates

Posted by on July 18, 2014 0 comments

A deadline set by the CA/Browser Forum for the use of Internal Names is quickly approaching, and many system administrators need to understand how best to adapt to this change. At the same time, hundreds of new top-level domains are being launched, which redefines what constitutes an Internal Name. In this post we’ll explain what the changes are, why they’re being made, and how you can update your systems in response to the problem. Internal Names and gTLDs An Internal Name is defined as “A string of characters (not an IP address) in a Common Name or Subject Alternative Name...

Read More