Scaling CT Logs: Temporal Sharding

Our industry is moving toward universal support for Certificate Transparency (CT), one of the largest improvements to trust and security for the Web PKI system and SSL certificates in years. Later this month, CT will effectively become an industry-wide mandate when Google Chrome starts requiring it for all new publicly trusted SSL certificates. Already, hundreds […]

Getting Ahead of Chrome 70 Distrust of Symantec-Issued Certificates

Today marks the planned release of Google Chrome 66 stable version and the culmination of the first major distrust event for Symantec root certificates in the world’s most used web browser. With the Chrome 66 stable release, Symantec, Thawte, GeoTrust, and RapidSSL certificates issued before June 1, 2016, and still in use will be greeted […]

Android P Will Default to HTTPS Connections for All Apps

The next version of Android will default to blocking HTTP traffic in apps by default. In a blog post, Dave Burke, Android’s VP of Engineering said this is the latest step in a “larger effort to move all network traffic away from cleartext (unencrypted HTTP) to TLS… you’ll now need to make connections over TLS, […]

Best Practices for Timestamping

Code signing provides integrity to your executables, ensuring that they have not been modified or corrupted. Many modern operating systems require code signing to protect their users from code that has no known origin or guarantees of authenticity. Similar to HTTPS, trusted certificates created by Certificate Authorities are issued to individuals or companies to allow […]

Replace Your Symantec-Issued Certificates Ahead of Chrome 66 Beta (March 15)

Free replacement certificates are available—visit your existing Symantec, Thawte, GeoTrust, and RapidSSL portals. With the Google Chrome 66 beta release scheduled for March 15th—to be followed by the Chrome 66 stable version on April 17th of this year—we’re continuing to communicate with you, our customers, through multiple channels about how to replace affected Symantec-issued certificates […]

3-Year Certificates to Be Eliminated in Industry-Wide Change

Last year, Certificate Authorities and web browser vendors voted to get rid of three-year SSL certificates in the CA/B Forum, an industry body which sets standards for publicly trusted SSL certificates. That change will now take effect on March 1, 2018. After that date, the new maximum validity period for publicly trusted SSL certificates will […]

DigiCert Certificates Will Be Publicly Logged Starting Feb. 1

Starting February 1, 2018 DigiCert will submit all newly issued and publicly trusted SSL certificates to Certificate Transparency (CT) logs by default. In the interest of improving our customer’s security and encouraging adoption, we are making this change ahead of Google’s industry-wide requirement that goes into effect in April 2018. CT logging has only been required […]

HTTPS-Only Features in Major Browsers

You may not know this little fact: certain browser features require HTTPS to work. Features like getting a user’s location, accessing their microphone, or storing data locally on their device, all require that your website supports HTTPS. We often talk about the benefits to the user experience and website reputation by adopting HTTPS, but being […]