Industry group creates guidelines for issuing SSL certs
A consortium of certificate authorities (CAs) and software vendors has released the first industry standard for the issuance and management of SSL certificates.
The standard follows a series of embarrassing attacks this year against CAs, or companies that sell the digital SSL or TLS certificates, which are used by websites to validate their identity to visitors. The document, “Baseline Requirement for the Issuance and Management of Publicly Trusted Certificates,” released by the CA/Browser Forum, is described as the first international standard for the operation of CAs that issue digital certs.
"SSL/TLS certificates are a critical part of the internet's security infrastructure," Tim Moses, chairman of the CA/Browser Forum, said in a news release. "The new baseline requirements will improve the reliability and accountability of SSL/TLS issuance.” The standard is based on best practices across the SSL/TLS sector, and address a number of aspects including the verification of identity, certificate content, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, privacy and confidentiality.
Related Articles
- The Pirate Bay Confirms Anonymous Is Not Behind Attack
- Why every organization needs four CIOs
- Sogeti Netherlands Aims Social Engineering and CTF Challenge at Top 100 Dutch Companies
- Angry Birds tops corporate mobile blacklist, Facebook, YouTube follow
- MPAA: Censorship Good For Consumers, Will Help Innovation
Recent comments