• Monitor Your Domains with Certificate Transparency

    Over the last few years, we’ve witnessed publicly trusted SSL certificates issued to domain names that were not authorized. These miss-issuances are typically caused by attackers or simply a mistake by a certification authority (CA). Miss-issuance has been detected in a brute-force manner. Typically, when someone discovers a suspicious issue, they may report it and it may be investigated. Eventually,

        in EV SSL, SSL, SSL Deployment
    0
  • Always-On SSL

    Always-On SSL is an approach to securing your website to mitigate attacks against your users. When I think of Always-On SSL, I think of three concepts: SSL across your entire site, SSL deployed to the best practices, and SSL with leading technology. SSL across Your Entire Site The approach to Always-On SSL is to avoid hijacking of the sessions with

        in EV SSL, SSL, SSL Deployment
    0
  • CAs Being Audited to Baseline Requirements

    Certification authorities (CA) have always been compliance-minded and have historically imposed third-party audits upon themselves. The CAs disclose their requirements through a certificate policy (CP) document or certification practice statement (CPS). In these documents they state that they will be audited by a third party to meet these requirements. Historically, the CAs had to choose their own audit standard. We

        in EV SSL, SSL
    0
  • Understanding SSL

    Just thought I would let you know about a podcast called Sophos Techknow – Understanding SSL. Hopefully there won’t be much new for the regular readers of this blog, but the information may be valuable for those new to the SSL industry. I did want to make note of a few things. The podcasters discuss 650 CAs in the SSL

        in EV SSL, Secure Browsing, SSL
    0
  • CAs Being Audited to Baseline Requirements

    Certification authorities (CA) have always been compliance-minded and have historically imposed third-party audits upon themselves. The CAs disclose their requirements through a certificate policy (CP) document or certification practice statement (CPS). In these documents they state that they will be audited by a third party to meet these requirements. Historically, the CAs had to choose their own audit standard. We

        in EV SSL, SSL
    0
  • Understanding SSL

    Just thought I would let you know about a podcast called Sophos Techknow – Understanding SSL. Hopefully there won’t be much new for the regular readers of this blog, but the information may be valuable for those new to the SSL industry. I did want to make note of a few things. The podcasters discuss 650 CAs in the SSL

        in EV SSL, Secure Browsing, SSL
    0
Page 1 of 5123...5...»»