• Do You Need SHA-2 Signed Root Certificates?

    We have discussed the SHA-1 deprecation policy and why you should move to SHA-2. The certification authorities (CAs) have provided methods to have your certificates issued and signed using a SHA-2 hashing algorithm. As we move ahead, you will see the CAs changing the default signing algorithm from SHA-1 to SHA-2. It’d be sound strategy to move all of your

        in SSL, SSL Deployment
  • Your Audit Report has Expired

    Here is an interesting theme of questions we receive all the time. Why has your CA audit report expired? Or, when will your audit report be brought up to date? The answer? The audit report is up to date and a new audit report will be provided within three months of the end of the next audit period. So, why

        in SSL
  • CAs Being Audited to Baseline Requirements

    Certification authorities (CA) have always been compliance-minded and have historically imposed third-party audits upon themselves. The CAs disclose their requirements through a certificate policy (CP) document or certification practice statement (CPS). In these documents they state that they will be audited by a third party to meet these requirements. Historically, the CAs had to choose their own audit standard. We

        in EV SSL, SSL
Page 1 of 212