Tag Archives: CASC

Moving to TLS 1.2

February 10, 2014 by Bruce Morton

In 2014, there will be a trend for website owners to implement TLS 1.2 on their servers. TLS 1.2 was defined in RFC 5246 in August 2008 and is the most secure version of the SSL/TLS protocol. Although TLS 1.2 has been available for a few years, it is not well deployed. SSL Pulse indicates that [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: CBC, How's My SSL, Microsoft

Securing Software Distribution with Digital Code Signing

October 23, 2013 by Bruce Morton

This post was originally published on the CA Security Council blog. Code signing certificates from publicly trusted Certification Authorities (CAs) fulfill a vital need for authentication of software distributed over the Internet in our interconnected world. As the commonly referred to “Internet of things” continues to grow, consumers have access to millions of applications for their [Read More...]

Updated SSL/TLS Deployment Best Practices

September 23, 2013 by Bruce Morton

First, I would like to thank Ivan Ristic for his development of the SSL/TLS Deployment Best Practices document. This is a simple overview of what a Web server administrator should consider in an SSL deployment. I am also looking forward to Ristic’s book, “Bulletproof SSL/TLS and PKI,” which hopefully will be released sometime soon. Version [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: Breach, CASC, Ivan Ristić

Myths about CAs and SSL

August 14, 2013 by Bruce Morton

In following the SSL industry, there are always comments about certification authorities (CAs) and their practices. In many cases, the Certificate Authority Security Council (CASC) considers these comments to be myths. As such, the CASC has collected these myths and provided responses, which some editors have published. Please read and you will find responses to [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: myths, SSL

Self-Signed Certificates don’t deliver Trust

April 4, 2013 by Bruce Morton

We’ve heard the argument that website operators could just use self-signed certificates. They are easy to issue and they are “free.” Before issuing self-signed certificates, it’s a good idea to examine the trust and security model. You should also compare self-signed certificates to the publicly trusted certification authority (CA) model, and then make your own decision.

SSL Certificate Status Checking

March 12, 2013 by Bruce Morton

As part of its effort to promote SSL certificate best practices, the CA Security Council (CASC) has offered a couple of blogs on the importance of revocation checking

Certificate Authority Security Council

February 14, 2013 by Bruce Morton

Today, the leading global certification authorities (CAs) launched the Certificate Authority Security Council (CASC). The CASC is made up of publicly trusted CAs that issue SSL certificates to protect more than 95 percent of the global websites.