Best Practices to Comply with SSL/TLS Industry Standards and Mitigate Risks

Requirements and enhancements for secure implementations of Secure Sockets Layer (SSL)  or Transport Layer Security (TLS) protocols are continuously evolving as a result of the constant changing nature of the Web and attacks formulated against the SSL/TLS protocol.

While SSL/TLS seems like it is easy to deploy, that’s not the way it works. Entrust SSL Experts have thoroughly reviewed the SSL/TLS deployment process and wish to offer you our best practices.  Our timeline tool can help you keep current with SSL/TLS industry and attack news, compliance requirements, protocol enhancements and server feedback, so you spend the minimum amount of time possible on deployment and maintenance while still achieving the maximum results for your organization.

January 1, 2014

New RSA key length limit



Read more

April 2014

Heartbleed attack
“One of the most widespread and impactful security vulnerabilities of all time.” - IBM Security Systems

Read more

September 2014

POODLE attack on SSL
1M+ daily transactions
remain at risk.

Read more

November 2014 - April 2015

Google Chrome SHA-1 warnings

Read more

December 2014

POODLE attack — TLS protocol
New vulnerability affects 10% of global servers.

Read more

January 1, 2015

EV SSL logged for Certificate Transparency


Read more

January 16, 2015

New SHA-1 certificates limited validity to December 31, 2016


Read more

March 2015

FREAK attack
1 in 4 global servers affected.


Read more

April 1, 2015

DV/OV maximum validity changes to 39 months


Read more

November 1, 2015

All domains must be registered for public trust SSL


Read more

January 1, 2016

CAs end SHA-1 issuance



Read more

April 1, 2016

DROWN kills SSL 2.0



Read more

August 1, 2016

HEIST impacts Compression



Read more

August 1, 2016

SWEET32 Birthday Attack



Read more

January, 2017

Chrome to show “Not secure”



Read more

January 1, 2017

Chrome and Firefox end SHA-1 support


Read more

January 1, 2017

SHA-2 required for OCSP certificates


Read more

February 14, 2017

Windows ends SHA-1 support



Read more

Sept 8, 2017

Mandatory CAA enforcement


Read more

March 2018

Cert Duration


Read more

April 2018

CT


Read more