Setting Global Standards for Secure Email Certificates

S/MIME Certificate Working Group of the CA/Browser Forum takes on writing a baseline standard for S/MIME email certificates By Stephen Davidson, Governance, Risk and Compliance at DigiCert and Chair of S/MIME Certificate Working Group The S/MIME Certificate Working Group (SMCWG) is the newest specialist subgroup of the CA/Browser Forum, focused on creating the first global […]

CA/B Forum Update October 2020

DigiCert is committed to bringing you the latest news in the industry, including regular updates from the CA/B Forum The CA/Browser Forum met virtually from Oct. 20–22 for their fall meeting. There is a growing trend in the CA/B Forum to limit the fields authorized in certificates, and Google has made several announcements, including announcing […]

A Guide to TLS Certificate Revocations

Certificate revocations can be disruptive and painful to customers and relying parties. We often get questions about why certificates were revoked, who said we need to revoke them and why more notice was not provided. This article provides background and details to these and other related questions. Background The CA/Browser (CA/B) Forum is one of […]

CA/B Forum Update on EV Certificate Improvements

DigiCert actively participates in several industry standards groups and discussions. This year many in-person events have been canceled due to COVID-19 restrictions, which makes it harder to build relationships through side conversations that foster advancement. However, we remain committed to improving internet security, whether through in-person or virtual discussions. The CA/Browser (CA/B) Forum held a […]

Taking a Data-Driven Approach Towards Compliance

In the realm of operating as the world’s largest global certificate authority (CA), how does DigiCert stay on top of compliance while issuing millions of public certificates in any given year? This includes identifying and remediating issues as we discover them to assure continual improvement and tight compliance. Understanding problems with certificates requires an inspection […]

One-Year Public-Trust SSL Certificates: DigiCert’s Here to Help

UPDATE: While the industry has shortened validity times, we still offer service plans of up to 2, 3, even 6 years—and the automation to make it seamless. By now you’ve likely heard about Apple’s announcement at the February 2020 Certificate Authority/Browser Forum meeting that they will no longer accept publicly trusted TLS webserver certificates valid […]

Position on 1-Year Certificates

UPDATE: While the industry has shortened validity times, we still offer service plans of up to 2, 3, even 6 years—and the automation to make it seamless. Three, Two, One, Liftoff on One-Year TLS Certificates At the CA/Browser (CA/B) Forum in Bratislava, Slovakia, this week, Apple announced that beginning Sept. 1, newly issued publicly trusted […]

New CA/B Forum Proposal to Shorten Certificate Lifetimes: Will It Improve Security?

A new CA/Browser Forum proposal being discussed now would shorten maximum certificate lifetimes to 13 months. This comes after lifetimes were reduced from 39 to 27 months, effective March 2018. If passed, these changes would go into effect in March 2020. This blog analyzes the merits of this proposal and how the proposed security benefit […]

DigiCert pushes underscore extension

Earlier this year, certain browsers in the CA/Browser Forum mandated that underscore certificates be revoked immediately due to new interpretations of the RFC 1034 standard that is incorporated by reference into the CA/Browser Forum Baseline Requirements. This resulted in an ongoing discussion in the CA/Browser Forum over the course of this year: should underscore certificates […]