Posts made in August, 2014

Google Plans to Deprecate SHA-1 Certificates

Posted by on August 28, 2014 in Blog | 13 comments

On August 19, Google announced a new policy that accelerates the deprecation of SHA-1 certificates, potentially causing websites using SHA-1 certificates to display warnings in the near future. With the change, Chrome 39 will show a warning for sites that have a SHA-1 certificate expiring in 2016 and require a click through warning for sites with a SHA-1 certificate expiring in 2017 or later. This proposal is scheduled for Chrome 39, which could be released as early as 12 weeks from now. Although the CA Security Council (CASC), comprised of the seven largest Certificate Authorities, supports...

Read More

Google to Give Priority Ranking to SSL Enabled Sites

Posted by on August 21, 2014 in Blog | 0 comments

Google’s announcement that it will give priority ranking to SSL enabled sites is a key milestone for increased use of SSL on the Internet. Google announced a change to its ranking algorithm to include use of SSL on the site as a “very lightweight [positive] signal”. Although, this might not have an immediate impact to website owners/operators that are not currently using SSL, this is still an important signal indicating everyone should be prepared to encrypt all their websites if they want to remain relevant. Google had stated its intentions at its IO 2014 conference on HTTPS Everywhere,...

Read More

Who Sets the Rules Governing Certification Authorities?

Posted by on August 19, 2014 in Blog | 1 comment

Every time something positive is published about SSL and encryption,such as Google’s recent decision making use of https encryption a favorable rating factor for a website, or negative, such as the Heartbleed issue – bloggers and others always post questions about public Certification Authorities (CAs), including general questions on who sets the rules that govern CAs. Some bloggers seem to assume there are no rules or standards, and that CAs can operate without any requirements or limitations at all — that’s incorrect. The answer on who sets the rules governing CAs is two-fold: in the first...

Read More