Timothy Hollebeek

Latest by Timothy Hollebeek

No more unnecessary password changes for Certificate Authorities

After over a year of effort, Ballot SC3 was just unanimously passed by the CA/Browser Forum. This is the first major upgrade to the Network and Certificate System Security Requirements to come out of the Forum’s Network Security Working Group. It...

New CAB Forum Validation Rules Go Into Effect Today

As of August 1, 2018, Certificate Authorities (CAs) are not allowed to use Methods #1 and #5 from section 3.2.2.4 of the Baseline Requirements to validate domain ownership when issuing publicly trusted certificates for use on the web. Continued use...

Assessing the London Protocol

The London Protocol was originally proposed as a potential joint effort by CA Security Council members to combat phishing. All large commercial CAs revoke certificates for phishing websites when they are brought to their attention, but they do not...

View More