SHAttered – First SHA-1 Collision
Google and CWI announced SHAttered, an attack on the SHA-1 cryptographic hash function. The attack was demonstrated by allowing the cryptographic signature on a good PDF to be the same as on a bad PDF....
View ArticleSSL Review: February 2017
Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. Entrust Identity ON: Bad Actors Catalyst Behind New Standards for Code Signing CA...
View ArticleNew Mandatory CAA Checking on the Horizon
Certification Authority Authorization (CAA) allows a domain owner to specify in their DNS or DNSSec which Certification Authority (CA) is authorized to issue certificates to their domain. The new CAA...
View ArticleMaximum Certificate Lifetime Drops to 825-days in 2018
The CA/Browser Forum has taken a progressive step by reducing SSL/TLS certificate lifetimes from 39 months (~1185 days) to 27 months (stated as 825 days for computational ease). The move to an 825-day...
View ArticleBye Bye SHA-1
Entrust Datacard Stops Issuing SHA-1 Certificates Entrust Datacard made the decision to stop issuing any type of public trust certificates using the SHA-1 hashing algorithm to mitigate the potential...
View ArticleSSL Review: March 2017
Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. Entrust Identity ON: SHAttered – First SHA-1 Collision New Mandatory CAA Checking...
View ArticleRecent Attack Underscores Need for EV SSL/TLS Certificates
An attack on a Brazilian bank caused them to lose control of their DNS for nearly five hours. Once attackers gained control of the bank’s DNS, they were able to also show control over the domain...
View ArticleCertificate Transparency Deadline Moved to April 2018
Google just announced they will not be enforcing certificate transparency (CT) logging for all new TLS certificates until April 2018. In a previous blog post, we advised that Google provided a new...
View ArticleSSL Review: April 2017
Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. Entrust Identity ON: Bye Bye SHA-1 Recent Attack Underscores Need for EV SSL/TLS...
View ArticleSSL Review: May 2017
Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry. CA Security Council … Certificate Transparency Deadline Moved to April 2018 Melih...
View Article