Skip to main content

Best Practices to Comply with SSL/TLS Industry Standards and Mitigate Risk

Requirements and enhancements for secure implementations of Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols are continuously evolving as a result of the constant changing nature of the Web and attacks formulated against the SSL/TLS protocol.

While SSL/TLS seems like it is easy to deploy, that’s not the way it works. Entrust SSL Experts have thoroughly reviewed the SSL/TLS deployment process and wish to offer you our best practices. Our timeline tool can help you keep current with SSL/TLS industry and attack news, compliance requirements, protocol enhancements and server feedback, so you spend the minimum amount of time possible on deployment and maintenance while still achieving the maximum results for your organization.

2014

Laptop and Mobile icon
January 2014
RSA

New RSA key length.

Action: You

Learn More
Laptop and Mobile icon
April 2014
Heartbleed Attack

Action: You

Learn More
Laptop and Mobile icon
September 2014
Poodle SLL Attack

Action: You

Learn More
Laptop and Mobile icon
November 2014
Google Chrome SHA-1 Warnings

Action: You

Learn More
Laptop and Mobile icon
December 2014
Poodle TLS Protocol Attack

1M+ daily transactions at risk.

Action: You

Learn More

2015

Laptop and Mobile icon
January 2015
EV SSL Logged

Certificate Transparency

Action: Entrust

Learn More
Laptop and Mobile icon
January 2015
SHA-1

Limited validity to December 31, 2016.

Action: Entrust

Learn More
Laptop and Mobile icon
March 2015
FREAK Attack

1 in 4 global servers affected.

Action: You

Learn More
Laptop and Mobile icon
April 2015
DV/OV Validity

Changes to 39 months.

Action: Entrust

Learn More
Laptop and Mobile icon
November 2015
SSL Registration

Domains must be registered for public trust SSL Action: .

Action: Entrust/You

Learn More

2016

Laptop and Mobile icon
April 2016
DROWN

DROWN kills SSL 2.0.

Action: You

Learn More
Laptop and Mobile icon
January 2016
SHA-1

CAs end SHA-1 issuance.

Action: Entrust/You

Learn More
Laptop and Mobile icon
August 2016
HEIST

HEIST impacts compression.

Action: You

Learn More
Laptop and Mobile icon
August 2016
SWEET32 Attack

SWEET32 birthday attack.

Action: You

Learn More

2017

Laptop and Mobile icon
January 2017
Not Secure

Chrome to show “Not secure”.

Action: Entrust/You

Learn More
Laptop and Mobile icon
January 2017
SHA-1

Chrome and Firefox end SHA-1.

Action: You

Learn More
Laptop and Mobile icon
January 2017
SHA-2

SHA-2 required for OCSP certificates.

Action: You

Learn More
Laptop and Mobile icon
February 2017
SHA-1

Windows ends SHA-1 support.

Action: You

Learn More
Laptop and Mobile icon
September 2017
CAA

Mandatory CAA enforcement.

Action: Entrust/You

Learn More

2018

Laptop and Mobile icon
March 2018
Cert Duration

Non-EV certificates reduced to~27 months

Action: Entrust/You

Learn More
Laptop and Mobile icon
April 2018
Certificate Transparency

Required by Chrome.

Action: You

Learn More
Laptop and Mobile icon
July 2018
Not Secure

Chrome displays “Not secure” for all HTTP sites

Action: Entrust/You

Learn More
Laptop and Mobile icon
August 2018
Method 1

Domain validation via domain ownership is no longer valid.

Action: Entrust/You

Learn More
Laptop and Mobile icon
August 2018
TLS 1.3

Most secure protocol is finalized for implementation.

Action: Entrust/You

Learn More

2019

Laptop and Mobile icon
May 2019
Domain Names

Underscores are banned.

Action: Entrust/You

Learn More
Laptop and Mobile icon
September 2019
EV Indication

Chrome downgrades EV indication in status bar.

Action: Entrust/You

Learn More
Laptop and Mobile icon
July 2018
EV Indication

Firefox downgrades EV indication in status bar.

Action: Entrust/You

Learn More

2020

Laptop and Mobile icon
September 2019
TLS 1.0 and 1.1

Browsers will depreciate the use of TLS 1.0 and 1.1 in 2020.

Action: Entrust/You

Learn More
×

👋 Hello, if you have any
questions, I'm ready to chat.

Chat Now