Category Archives: Public Key Infrastructure

It’s a Tough Road For Businesses That Don’t Protect Their Identities

April 16, 2014 by Entrust, Inc.     No Comments

From the Target breach last year to the crop of new data attacks that have arisen in 2014, there are no shortage of threats to enterprise security on the web.

Filed Under: Authentication, Encryption Tagged With: enterprise security, EW

Entrust OpenSSL Disclosure

April 14, 2014 by Entrust, Inc.     No Comments

With news of the Heartbleed bug, we have been receiving questions as to how this impacts the certification authority (CA) service at Entrust. In summary, Entrust SSL customers do not need to be concerned about the management of their certificates or their certificate management accounts. The CA private keys are protected on a NIST FIPS [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: OpenSSL, SSL

Heartbleed & OpenSSL — Do End-Users Need to Change Their Passwords?

April 10, 2014 by Entrust, Inc.     No Comments

The discovery of the Heartbleed implementation bug that could attack certain version of OpenSSL has, rightfully, made global headlines. While this vulnerability doesn’t affect the certificates issued by trusted certification authorities (CA), the discovery has set end-users into a bit of “password panic.” The crux of the issue is that services providers, website operators, software [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: heartbleed, OpenSSL, SSL

New in 2014 — Certificate Management for All Users, Organizations

April 8, 2014 by Entrust, Inc.     No Comments

As we evolve from the Entrust Certificate Management Service (CMS) to Entrust IdentityGuard Cloud Services SSL, it’s important to understand changes that could affect some customers. Any new or current customers who purchase four or fewer Entrust certificates online now have access to all the capabilities and features of Entrust IdentityGuard Cloud Services SSL. With [Read More...]

OpenSSL Heartbleed Bug

April 8, 2014 by Bruce Morton     9 Comments

A new threat called the Heartbleed Bug has just been reported by some researchers at Codenomicon and Google. Heartbleed attacks the heartbeat extension (RFC 6520) implemented in OpenSSL. The official reference to the Heartbleed bug is CVE-2014-0160. Heartbleed allows an attacker to read the memory of a system over the Internet and compromise the private [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: Apache, heartbleed, NGINX

Same Services, New Names

April 8, 2014 by Entrust, Inc.     No Comments

The introduction of Entrust IdentityGuard Cloud Services presents an innovative consolidation of Entrust’s most popular and reliable security solutions. This evolution also brings about changes to the names of some of your favorite products. To simplify these changes, please review the following chart to see how the name changes could affect you and your organization. [Read More...]

Filed Under: Certificate Management, Cloud, General, SSL Tagged With:

Do You Need SHA-2 Signed Root Certificates?

April 4, 2014 by Bruce Morton     No Comments

We have discussed the SHA-1 deprecation policy and why you should move to SHA-2. The certification authorities (CAs) have provided methods to have your certificates issued and signed using a SHA-2 hashing algorithm. As we move ahead, you will see the CAs changing the default signing algorithm from SHA-1 to SHA-2. It’d be sound strategy [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: root certificates, SHA-1, SHA-2

SSL Review: March 2014, part 2

April 2, 2014 by Bruce Morton     No Comments

Entrust’s monthly review of SSL discussions — and likely other digital certificates — recaps news, trends and opinions from the industry. Entrust and CA Security Council Entrust Identity ON discussed: 2014 – Looking Back, Moving Forward Elliptic-Curve Cryptography, Simplified Who will Control ICANN? Your Audit Report has Expired CA Security Council discussed: Think Twice Before [Read More...]

Filed Under: SSL Tagged With: certificate transparency, SSL, SSL Review

Your Audit Report has Expired

March 27, 2014 by Bruce Morton     No Comments

Here is an interesting theme of questions we receive all the time. Why has your CA audit report expired? Or, when will your audit report be brought up to date? The answer? The audit report is up to date and a new audit report will be provided within three months of the end of the [Read More...]

Filed Under: SSL Tagged With: CAB Forum, SSL, WebTrust

SSL Review: March 2014

March 13, 2014 by Bruce Morton     No Comments

Here is a monthly SSL review of discussions about SSL (and possibly other digital certificates) from the last month. Entrust Identity ON discussed the following: Always-ON SSL Moving to TLS 1.2 Bogus SSL Certificates OCSP Stapling Apple SSL Bug CA Security Council discussed the following: Always-On SSL, Part II Ten Steps to Take If Your [Read More...]

Filed Under: Secure Browsing, SSL, SSL Deployment Tagged With: Apple, OCSP, SSL