Notice of Withdrawal from the CA Security Council

DigiCert is electing to withdraw from the CA Security Council (CASC) as we believe CASC is moving in a direction that DigiCert does not support. Specifically: We feel that CASC is not sufficiently transparent and does not represent the diversity of the modern Certificate Authority (CA) industry. Improving the ecosystem requires broad participation from all […]

Our Latest Symantec Distrust Guidance

This week, Apple announced they will be distrusting SSL/TLS certificates issued from Symantec’s legacy root certificates, which includes the Thawte, GeoTrust, and RapidSSL brands. We have  given guidance on replacing these certificates for compatibility with Google Chrome and Mozilla Firefox. This new announcement from Apple imposes later deadlines, and does not require any additional action […]

EV Certificates & DigiCert

By Jeremy Rowley and Tim Hollebeek The Certificate Authority/Browser (CA/Browser) community discussions on the value of Extended Validation (EV) certificates, the future of EV, and proposed improvements to EV revealed that DigiCert has a slightly different view on EV than other participants. Sharing our view on EV issuance may help others understand the stances DigiCert […]

Meeting the General Data Protection Regulation (GDPR)

At the end of this week, strong new legislation takes effect in the European Union to give greater protection to European consumers and their data. This collection of laws, known as the General Data Protection Regulation, or GDPR, will greatly expand European individuals’ control over data collected by companies. DigiCert is committed to data security […]

Deprecating TLS 1.0 & 1.1

There are currently three versions of the TLS protocol in use today: TLS 1.0, 1.1, and 1.2. TLS 1.0 was released in 1999, making it a nearly two-decade-old protocol. It has been known to be vulnerable to attacks—such as BEAST and POODLE—for years, in addition to supporting weak cryptography, which doesn’t keep modern-day connections sufficiently […]

Replace Your Symantec-Issued Certificates Ahead of Chrome 66 Beta (March 15)

Free replacement certificates are available—visit your existing Symantec, Thawte, GeoTrust, and RapidSSL portals. With the Google Chrome 66 beta release scheduled for March 15th—to be followed by the Chrome 66 stable version on April 17th of this year—we’re continuing to communicate with you, our customers, through multiple channels about how to replace affected Symantec-issued certificates […]

Chrome Will Label All HTTP Pages as “Not Secure” in Just a Few Months

In just a few months, the most widely used web browser will label every single HTTP page as “Not Secure.” Google set a major precedent last week when they announced that starting in Chrome version 68, due out in July 2018, every HTTP web page would receive a negative indicator. You may already be familiar […]

3-Year Certificates to Be Eliminated in Industry-Wide Change

Last year, Certificate Authorities and web browser vendors voted to get rid of three-year SSL certificates in the CA/B Forum, an industry body which sets standards for publicly trusted SSL certificates. That change will now take effect on March 1, 2018. After that date, the new maximum validity period for publicly trusted SSL certificates will […]

DigiCert Certificates Will Be Publicly Logged Starting Feb. 1

Starting February 1, 2018 DigiCert will submit all newly issued and publicly trusted SSL certificates to Certificate Transparency (CT) logs by default. In the interest of improving our customer’s security and encouraging adoption, we are making this change ahead of Google’s industry-wide requirement that goes into effect in April 2018. CT logging has only been required […]

Page 1 of 812345...Last »