Posts made in December, 2016

Stricter Standards for SSL Server Test Coming in 2017

Posted by on December 13, 2016 in Blog | 0 comments

This is a good time to offer a reminder that the CASC has a great tool for secure server testing, the SSL Server Test. The tool grades your server installation and reviews the: certificate, protocol support, key exchange and cipher strength for security against standards and known vulnerabilities. The grading tool also provides feedback on handshake simulations with various versions of browsers and operating systems. This lets the server administrator know which implementations are supported. The test also checks the server mitigation for known vulnerabilities such as: DROWN, BEAST, POODLE...

Read More

Leading Certificate Authorities and Microsoft Introduce New Standards to Protect Consumers Online

Posted by on December 8, 2016 in Press Releases | 366 comments

The CASC’s Minimum Requirements for Code Signing Certificates enables a common vetting process for all CAs San Francisco –December 8, 2016 – the Certificate Authority Security Council (CASC), an advocacy group committed to the advancement web security, today announced the Code Signing Working Group has released new Minimum Requirements for Code Signing for use by all Certificate Authorities (CA). These requirements represent the first-ever standardized code signing guidelines. Code signing is the method of using a certificate-based digital signature to sign executables and scripts in order...

Read More