Over the last few years the SSL/TLS industry has moved from the MD5 to the SHA-1 hashing algorithm and from 1024-bit to 2048-bit RSA key lengths. The industry has adopted the CA/Browser Forum Baseline Requirements. We have also created best practices to mitigate vulnerabilities such as BEAST, CRIME, Heartbleed and POODLE. But what is next? What do we know about?
I had the opportunity to review a verification issue last week, and it had me thinking of the value of EV certificates. First, for every SSL/TLS certificate request, our verification team goes through a validation process to authenticate the identity, ownership or control of the domain name, and authorization to issue the certificate. This process is increased substantially for Extended