Tag Archives: Transport Layer Security

All SSL and Digital Certificates Are the Same, Right? Wrong

May 21, 2012 by Dave Rockvam

If all digital certificates are the same, why choose anything but the basic certificate? Because all certificates are not the same. Currently, there are three classes of digital certificates as recognized by the CA/Browser Forum: Domain Validated (DV), Organization Validated (OV) and Extended Validated (EV). There is a common misconception that the only difference in [Read More...]

Filed Under: EV SSL, SSL Tagged With: Computer security, dv, EV

Security Focus: It’s What’s Behind the Seal That Matters

April 24, 2012 by Dave Rockvam

In my last post, I briefly discussed a survey Entrust commissioned to understand the effect trust seals have on online transaction behavior. Coincidentally, I discovered an article in IEEE Security & Privacy magazine about a similar survey the magazine conducted. Security-related items were one of eight different factors the survey identified that affected the participants’ [Read More...]

Disappointment Over Speeding up SSL

April 23, 2012 by Jon Callas

A year and a half ago, Google started an experiment to speed up SSL by 30% by using an improvement called False Start. Our own Bruce Morton wrote about it not once but twice, and most of the world has been hopeful about the experiment. What’s not to like about a 30% speed improvement? Sadly, [Read More...]

Digital Certificate Revocation – What the Future Holds

April 19, 2012 by Tim Moses

When you tell people that revocation doesn’t work, they tend to look at you incredulously: “You’ve got all these solutions: full CRLs, CRL distribution points, delta-CRLs, indirect CRLs, OCSP, stapled OCSP. Surely one of those will work.” That’s the problem, right there. There are so many protocol and configuration choices that no two products or [Read More...]

Dutch Government: PKI alternatives, replacements not on horizon

March 29, 2012 by Dave Rockvam

In July 2011, Dutch certification authority (CA) DigiNotar experienced a security incident that affected the national security infrastructure of both governmental and non-governmental bodies in the Netherlands. The government commissioned a report looking into the incident and the broader CA/SSL market. One of the conclusions of the Dutch government’s report is that alternatives to PKI [Read More...]