• Monitor Your Domains with Certificate Transparency

    Over the last few years, we’ve witnessed publicly trusted SSL certificates issued to domain names that were not authorized. These miss-issuances are typically caused by attackers or simply a mistake by a certification authority (CA). Miss-issuance has been detected in a brute-force manner. Typically, when someone discovers a suspicious issue, they may report it and it may be investigated. Eventually,

        in EV SSL, SSL, SSL Deployment
    0
  • More Google Fraudulent Certificates

    On July 2, Google became aware of fraudulent certificates that were incorrectly issued to Google-owned domain names. The certificates were issued by National Informatics Centre (NIC) of India, which is a subordinate certification authority (CA) to Indian Controller of Certifying Authorities (India CCA). The miss-issued certificates could have been used to spoof content, perform phishing attacks or perform man-in-the-middle (MITM)

        in Fraud Detection, SSL
    0
  • SSL Review: June 2014

    Part 5 of 5 in the Series — SSL Review
    Entrust’s monthly SSL review discussions — and likely other digital certificates — recaps news, trends and opinions from the industry. Entrust and CA Security Council Entrust Identity ON discussed: OpenSSL Team Warns of New MITM Vulnerability CA Security Council discussed: Benefits of Elliptic Curve Cryptography OCSP Must-Staple Hot Topics & Opinions OpenSSL Man-In-The-Middle … Paul Venezia discusses The new OpenSSL

        in SSL
    0
  • How OCSP Must-Staple Affects Certificate Revocation

    With the announcement of the Heartbleed bug and the resulting need to revoke large numbers of SSL certificates, the topic of certificate revocation has, once again, come to the fore. What are the issues with how revocation information is provided to the browsers? Entrust's Bruce Morton offers a detailed look.

        in Certificate Management, Digital Certificates, SSL, SSL Deployment
    0
  • SSL Review: June 2014

    Part 5 of 5 in the Series — SSL Review
    Entrust’s monthly SSL review discussions — and likely other digital certificates — recaps news, trends and opinions from the industry. Entrust and CA Security Council Entrust Identity ON discussed: OpenSSL Team Warns of New MITM Vulnerability CA Security Council discussed: Benefits of Elliptic Curve Cryptography OCSP Must-Staple Hot Topics & Opinions OpenSSL Man-In-The-Middle … Paul Venezia discusses The new OpenSSL

        in SSL
    0
  • How OCSP Must-Staple Affects Certificate Revocation

    With the announcement of the Heartbleed bug and the resulting need to revoke large numbers of SSL certificates, the topic of certificate revocation has, once again, come to the fore. What are the issues with how revocation information is provided to the browsers? Entrust's Bruce Morton offers a detailed look.

        in Certificate Management, ...
    0
Page 1 of 36123...5101520...»»