Relevant Items
Refine Search expand_more
SSL clear
Blog add
Solutions add
Products add
Product Categories add
170 Results

Chrome to Show HTTP Sites as Not Secure

Google will soon be issuing a stronger warning to visitors who navigate to a website that does not have the protection of an SSL/TLS certificate. With the release of Chrome 53 on Windows, Google has changed the trust indications to introduce the circle-i. 
Digital Certificates

SSL Review: August 2017

The Entrust Datacard monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. 
Digital Certificates

HTTP Public Key Pinning: No Longer a Good Idea

It is very difficult to select a public key or a set of public keys that can be trusted for a long period of time. If the wrong public key is used, a website can be bricked until the server header expires. The wrong key could be provided accidentally or by an attacker. As in many cases, a site can be bricked where the administrator knows nothing about HPKP, or it’s been redirected by an attack.
Digital Certificates

Should SSL Certificates Be Free?

SSL/TLS Certificates are the most common cybersecurity technology in use today. With over one billion websites on the Internet, and the number of SSL/TLS Certificates issued in the millions, the question has been raised as to whether or not the secure links created by SSL/TLS Certificates should be mandatory, and thus free.
Digital Certificates

Coming Soon: More “Not secure” Browser Warnings

With an anticipated release date of October 17, 2017, domain owners still have a few weeks to encrypt any sites that should be protected that might otherwise prevent users from entering their website. 

New Mandatory CAA Checking on the Horizon

Certification Authority Authorization (CAA) allows a domain owner to specify in their DNS or DNSSec which Certification Authority (CA) is authorized to issue certificates to their domain. The new CAA policy has now been defined by the CA/Browser forum and is scheduled to take effect September 8, 2017. CAA may be the best way to protect domain owners from having fraudulent certificates issued in their domain name. This has become increasingly important with the proliferation of unauthorized DV certificates.

Maximum Certificate Lifetime Drops to 825-days in 2018

The CA/Browser Forum has taken a progressive step by reducing SSL/TLS certificate lifetimes from 39 months (~1185 days) to 27 months (stated as 825 days for computational ease). The move to an 825-day maximum certificate validity period for all types of certificates (DV, OV, and EV) will be effective for all new certificates purchased on or after of March 1, 2018. Why Change the Certificate Lifetime? The goal of reducing the lifetime is it allows certificates to be changed more frequently.

SSL Review: July 2017

The Entrust Datacard monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry.

SSL Review: December 2016

Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry.
Digital Certificates

Recent Attack Underscores Need for EV SSL/TLS Certificates

EV certificates display the site owner’s name in the browser status bar. This assures website visitors that the website is authentic and that they are on the intended site. This unique status bar is only displayed for brand’s protected with an EV certificate. They are designed specifically to mitigate attacks by letting users know the website can be trusted.
Page 1 of 17