Tag Archives: Extended Validation

Beware of Japan Aid Scams

March 17, 2011 by Bruce Morton     No Comments

Security advisors such as the United States Computer Readiness Team (US-CERT) and the SANS Institute are warning people to watch out for online scams related to the Japanese earthquake and tsunami relief effort. US-CERT encourages users to take the following measures to protect themselves: Do not follow unsolicited web links or attachments in email messages [Read More...]

SSL Deployment Mistakes

September 21, 2010 by Bruce Morton     1 Comment

In June, Ivan Ristic of Qualys SSL Labs made a presentation at the OWASP AppSec Research 2010 conference called Breaking SSL: Why leave to others what you can do yourself? Ivan contends that “SSL is a rare application security area where we can make things virtually 100% secure, with relatively small effort.”  However, he also [Read More...]

What’s the deal with 2048-bit keys?

June 23, 2010 by Bruce Morton     No Comments

Entrust has been getting a lot of questions about the move to 2048-bit RSA keys.  The move is causing some web administrators concern, so we thought it would be a good time to clarify the reasoning behind the move to 2048-bit keys. The US National Institute of Standards and Technology (NIST) prepared a special report [Read More...]

EV, what’s the difference?

June 16, 2010 by Bruce Morton     No Comments

With the acquisition of the VeriSign SSL business by Symantec, we’re getting a lot of questions about EV SSL certificates.  Is your EV the same as theirs?  Why is your EV so much cheaper?  What’s the difference? The bottom line is yes; our EV SSL certificates are the same as theirs.  In fact, EV SSL [Read More...]

Filed Under: EV SSL, SSL Tagged With: Extended Validation, SSL

Market Shifting but Entrust Focused

June 2, 2010 by Scott Shetler     No Comments

There has been an interesting development in the SSL market since our last blog – the acquisition by Symantec of the entire security product portfolio of Verisign, including GeoTrust and Thawte. The acquisition ends VeriSign’s transformation from a security software provider to simply a domain name registrar and domain name infrastructure provider. Throughout an unspecified [Read More...]

Filed Under: EV SSL, SSL Tagged With: Extended Validation, multi-domain, multi-SAN

Is it Paypal? Or is it Paypal?

January 4, 2010 by Steve Duncan     No Comments

New character types can now be used in domain names. Does that mean we can no longer rely on domain names to verify against phishing sites?

Filed Under: Secure Browsing Tagged With: Extended Validation, ICANN, phishing

Phishing is Here to Stay: 1 in 200 are Victimized

December 14, 2009 by Steve Duncan     No Comments

I guess its not that surprising, but a new report indicates that .47 percent of banking customers fall victim to a phishing site every year.  This clearly demonstrates that phishers have a large market to address and are obviously seeing a return on their investments.  That means we can expect to see even more phishing [Read More...]