Seeing a “Not Secure” Warning? Here’s Why and What to Do about It

The latest version of the Google Chrome browser, version 68, introduced a new “Not Secure” warning in the address bar that appears anytime you are visiting an insecure web page. The warning refers to the lack of security for the connection to that page. It’s alerting you that information sent and received with that page […]

Assessing the London Protocol

The London Protocol was originally proposed as a potential joint effort by CA Security Council members to combat phishing. All large commercial CAs revoke certificates for phishing websites when they are brought to their attention, but they do not proactively monitor their customers sites, and generally do not share information about misuse of certificates with […]

Apple Announces Certificate Transparency Requirement

Following their 2018 WWDC conference, Apple announced they will begin requiring Certificate Transparency (CT) for all SSL/TLS certificates issued after October 15, 2018. Certificate Transparency is a recent addition to the SSL ecosystem, first introduced in 2013, which provides transparency by publicly logging SSL certificates. This allows auditors to get a more reliable look at […]

Keeping Track of Changes in Chrome for HTTPS & HTTP Indicators

If you are a regular user of Chrome or work in web development/IT, you’ve likely noticed frequent changes to the browser’s ‘security UI’—the icons and indicators that tell users if the page they are visiting is secure. The internet has undergone an HTTPS renaissance over the last 10 years since it became obvious that troves […]

Meeting the General Data Protection Regulation (GDPR)

At the end of this week, strong new legislation takes effect in the European Union to give greater protection to European consumers and their data. This collection of laws, known as the General Data Protection Regulation, or GDPR, will greatly expand European individuals’ control over data collected by companies. DigiCert is committed to data security […]

Guidance for the EFAIL S/MIME Vulnerability

Today, a group of security researchers from Germany and Belgium published a vulnerability affecting two email encryption systems: S/MIME and OpenPGP. Dubbed “EFAIL,” this vulnerability has received notable press coverage and we wanted to provide a summary and guidance for DigiCert customers using S/MIME email certificates and other users of secure email. This research raises […]

Scaling CT Logs: Temporal Sharding

Our industry is moving toward universal support for Certificate Transparency (CT), one of the largest improvements to trust and security for the Web PKI system and SSL certificates in years. Later this month, CT will effectively become an industry-wide mandate when Google Chrome starts requiring it for all new publicly trusted SSL certificates. Already, hundreds […]

Getting Ahead of Chrome 70 Distrust of Symantec-Issued Certificates

Today marks the planned release of Google Chrome 66 stable version and the culmination of the first major distrust event for Symantec root certificates in the world’s most used web browser. With the Chrome 66 stable release, Symantec, Thawte, GeoTrust, and RapidSSL certificates issued before June 1, 2016, and still in use will be greeted […]

Android P Will Default to HTTPS Connections for All Apps

The next version of Android will default to blocking HTTP traffic in apps by default. In a blog post, Dave Burke, Android’s VP of Engineering said this is the latest step in a “larger effort to move all network traffic away from cleartext (unencrypted HTTP) to TLS… you’ll now need to make connections over TLS, […]

Page 1 of 1512345...10...Last »