Filter Blogs expand_more
Blog add
Authors add
5 Results for 'Baseline Requirements'
Blog

Mozilla Endorses SSL Baseline Requirements

By Bruce Morton
February 27, 2013
The CA/Browser Forum SSL Baseline Requirements have been endorsed by Mozilla and have been included in their certificate authority (CA) certificate policy.
Blog

CAs Being Audited to Baseline Requirements

By Bruce Morton
August 01, 2013
Certification authorities (CA) have always been compliance-minded and have historically imposed third-party audits upon themselves.
Blog

SSL and 39 Months

By Bruce Morton
February 19, 2015
Public trusted SSL uses 39 months for two purposes: certificate validity and information validation. These purposes are specified in the CA/Browser Forum Baseline Requirements.
Blog

What Happened with Live.fi?

By Bruce Morton
March 20, 2015
Comodo issued an SSL certificate for live.fi. The issue is the certificate requester did not own or control the live.fi domain, which is owned by Microsoft. Was this Comodo’s fault? Let’s discuss. Since 2012, the certification authorities (CAs) which issue public trust SSL certificates must follow the domain verification methods in the CA/Browser Forum Baseline Requirements (BRs). The BRs provide methods for organization validation (OV) and domain validation (DV).
Blog

New SSL Certificates with New Keys Reduce Vulnerabilities

By Bruce Morton
April 15, 2015
As of April 1st, 2015, the lifetime of SSL certificates has now been reduced to 39 months, in accordance with the CA/Browser Forum Baseline Requirements. Moving forward, consider using shorter life certificates. Even though the maximum validity period is now 39 months, you can drop this validity period to one or two years. Consider the validity period as the backstop to protecting your private key, your website, and your user’s data. But remember one important item, when you renew your certificate, please create a new private key. 
Page 1 of 1