The Entrust monthly SSL review covers SSL/TLS discussions — recaps news, trends, and opinions from the industry.
Entrust
- New Requirement Will Deprecate the Organization Unit (OU) Field in TLS Certificates and will no longer be allowed starting September 1, 2022.
EFF
- EFF discusses how We Encrypted the Web: 2021 Year in Review.
Mozilla
- Mozilla is Improving the Quality of Publicly Trusted Intermediate CA Certificates with Enhanced Oversight and Automation. Root CAs will have to upload technically constrained intermediate CA certificates to CCADB. In addition, CCADB will have tools automatically examine intermediate CA certificates and process audit reports.
- Project Zero posted This shouldn't have happened: A vulnerability postmortem about a Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
Bulletproof TLS Newsletter #84
Other News & Notes
- Scott Helme provides Top 1 Million Analysis of websites. Trend continues of HTTPS, HSTS, CAA, TLS 1.3 going up and EV SSL going down.
- Certificate Transparency version 2.0 in RFC 9162 has been finalized.