Rejection of the standard was too slow. On February 23, researchers, members of the Dutch Institute CWI, as well as experts from Google announced that they were able to crack SHA-1 standard in practice. This standard is used to digitally…
Blog Archives
Symantec shared thoughts about cybersecurity in 2017
According to Symantec, the new year will be a new era of cybercrime. The volume of malware will only increase. As the announcement of Symantec, some states may enter into transactions with organized crime in order to gain personal benefit.…
Why cannot ignore security alerts associated with SSL-certificates
Be sure to keep in mind the simple truth: in any case it is impossible to ignore the security notices in your browser. Do not assume that clicking on the “Accept” will necessarily lead to the fact that the site…
Posted in Browser Errors, Validation, Vulnerabilities Tagged with: browser warning, browser warning when certificate expired, draft, expired ssl, expired ssl certificate, ssl certificate
How exactly will be called the next version of the TLS?
Will there be a version called TLS 1.3, TLS 4 or something else? Work on the next version already being conducted and is expected the final result will be ready in early 2017. It remains only to make small changes…
Posted in Vulnerabilities, What is an SSL-Certificate Tagged with: draft, ssl, TLS, tls 1.3, tls 1.4
Certificates Transparency: what you should know about it
Recently, we saw a lot of news about the certificates transparency. For example, the Google will make it mandatory in October 2017, and Mozilla has announced that they will support it. What is the general certificates transparency? Let’s start with…
Posted in Browser Errors, CA, Validation, Vulnerabilities Tagged with: CA, certificate transparence, logs, transparency log
SSL-certificate with SHA1 will be deprecated in 2017
Last days of SHA1 SSL-certificates is coming. Certificates of this type based on a cryptographic hash, which is calculated using the SHA-1 algorithm. Recent studies have shown that the SHA1 algorithm is not as strong as previously thought. Although no…
Posted in Browser Errors, CA, Vulnerabilities Tagged with: draft, mozilla, safari, sha1, sha1 deprecated, ssl certificate
What you need to know about the upcoming Google updates security
On the threshold stands a new security update at Google, but it does nothing new for us. Google is actively worked on the protection of the network and users in recent years. Even in 2015, Google moved their promise to…
Posted in Browser Errors, CA, Vulnerabilities, What is an SSL-Certificate Tagged with: 2017 ssl, google, google ssl, hoogle https, ssl, ssl certificate
Google refused to trust certificates WoSign and StartCom
Following a similar decision taken by Mozilla and Apple, Google decided to abandon the new digital certificates issued by the two certification authorities – WoSign and StartCom. The reason is that these CAs are breaking the rules and industry best…
Posted in CA, Validation, Vulnerabilities Tagged with: chrome, chrome 56, draft, google, startcom, trust, trust ca, trust startcom, trust wosign, wosign
Automating backup for the SSL-certificate: businesses need protection after an incident with Globalsign
Company’s existing online, decided to reduce their dependence on individual CAs using backup automation. A huge number of sites have become unavailable after the cross-certificate was revoked in error during routine maintenance of GlobalSign for the purpose of cleaning some…
Posted in CA, Vulnerabilities Tagged with: backup ssl, CA, draft, globalsign, revoked certificate, ssl, ssl certificate
Mozilla reduces the risk of rolling back encryption on Firefox
Over the past year was discovered several methods of attack on the encrypted channels, based on the decrease in the length of the keys to the export level (512-bit). One of them, LogJam, potentially allowing attacker, unlimited in resources, read…
This site is dedicated to SSL-certificates. You will learn what is an SSL certificate, how to issue and reissue it. FAQ SSL will be useful for both novices and pros. SSL Knowledgebase contains sections on validation, trust logo, vulnerabilities, SSL-certificates differences by type (Wildcard, EV, DV, etc.), as well as many other things.
Comments