The Entrust Datacard monthly SSL review covers SSL/TLS discussions with a recap of news, trends and opinions from the industry.
Entrust Datacard discusses new IP address validation methods and asks — how many digital certificates are you using?
- IP Address Validation Used for Issuing SSL/TLS Certificates
- How Many Digital Certificates and Keys are You Using to Secure Your Digital Communications?
- A seven-part blog series on:
- SSL Certificates 101 — Why Do I Need an SSL/TLS Certificate?
- SSL/TLS Certificate Types — Choosing the Right One for Your Use Case
- SSL/TLS Verification — Digital Identity for Your Website
- What is a SAN (Subject Alternative Name) and how is it used?
- What is a CSR and how do I get one?
- What's the Difference between a Public and Private Trust Certificate?
- How to Build an SSL/TLS Certificate: The Five Simple Steps That Bring You to HTTPS
CA / Browser Forum:
- Ballot SC16: Other Subject Attributes confirms that Organization Unit value can be in the subject of an EV SSL certificate, but the ballot does not allow any other item to be added to the subject field without EV Guidelines.
- Code Signing Certificate Working Group Charter has been created. Parties are invited to join the working group to support the management and issuance of public trust code signing certificates.
hashedout discusses:
- Should the tech industry be the arbiters of morality? The DarkMatter debate raging in the Mozilla root forum has major implications.
- Mass Revocation: Millions of certificates revoked by Apple, Google & GoDaddy due to serial numbers.
- Why all the fuss about 64-bit serial numbers?
Bulletproof TLS Newsletter #51 discusses Trouble with a missing random bit in serial numbers.
Other News and Notes
- Comparitech study suggests 3 in 5 politicians' websites don't use HTTPS.
- Evidence-based Cybersecurity Research Group provides — Academic Study Exposes Booming SSL/TLS Certificate Marketplaces on the Dark Web.
Let's Encrypt announces The ACME Protocol is an IETF Standard, and we are announcing an end-of-life plan for our ACMEv1 support.