• Should You Use SHA-2?

    A common question we receive from certificate customers: should we ask Entrust to sign our certificate with a signature using the SHA-2 hashing algorithm?

        in Certificate Management, SSL, SSL Deployment
    0
  • HSTS Update

    HTTP Strict Transport Security (HSTS) will soon be finalized and available in an IETF standard. The request for comment (RFC) is at version 11 and the IESG has put out a last call for comments. HSTS is a security policy mechanism where a Web server tells a supporting browser that it can only connect to it over secure connections (i.e.,

        in Secure Browsing, SSL, SSL Deployment
    0
  • Google Rethinks Revocation

    Google has decided in Chrome that they’re going to take a different approach to certificate revocation. Chrome developer Adam Langley describes the decision in detail in his blog, Imperial Violet. Unlike a number of CAs, we think this is a pretty good idea, even if incompletely executed so far. Revocation is a difficult task. It is difficult because it requires

        in Certificate Management, SSL
    0
  • Don’t fear the BEAST

    A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection. Before I discuss it at length, let me cut to the chase on it. Q: Is this something that you need to worry about? A: No. Here’s a slightly more detailed explanation. The

        in Secure Browsing, SSL
    0
  • Google Rethinks Revocation

    Google has decided in Chrome that they’re going to take a different approach to certificate revocation. Chrome developer Adam Langley describes the decision in detail in his blog, Imperial Violet. Unlike a number of CAs, we think this is a pretty good idea, even if incompletely executed so far. Revocation is a difficult task. It is difficult because it requires

        in Certificate Management, SSL
    0
  • Don’t fear the BEAST

    A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection. Before I discuss it at length, let me cut to the chase on it. Q: Is this something that you need to worry about? A: No. Here’s a slightly more detailed explanation. The

        in Secure Browsing, SSL
    0
Page 1 of 212