Logo

PKI Consortium blog

Posts by author Chris Bailey

    From CASC to the Public Key Infrastructure Consortium
    July 12, 2021 by Paul van Brouwershaven (Digitorus), Paul van Brouwershaven (Entrust) Chris Bailey (Entrust) CASC PKI PKIC
    Over the years, the need for private, industry, or solution-specific PKI has grown significantly, with stricter policies and the revocation of certificates and CAs becoming more common. The impact of changes in centralized PKI have caused delays and disruption of third-party services that may or may not have been considered. Any PKI (public, private, or specific) must operate according to best practices, clear policies and without a single point of failure.

    CA Security Council (CASC) 2019 Predictions: The Good, the Bad, and the Ugly
    December 6, 2018 by Bruce Morton (Entrust), Chris Bailey (Entrust), Jay Schiavo (Entrust) Apple Attack CASC Chrome DV Encryption EV Firefox Google Identity IETF Malware Microsoft Phishing SSL/TLS TLS 1.0 TLS 1.2 TLS 1.3

    As the legendary coach of the NY Yankees Yogi Berra allegedly said, “It’s difficult to make predictions, especially about the future.”  But we’re going to try.

    Here are the CA Security Council (CASC) 2019 Predictions: The Good, the Bad, and the Ugly.

    The Good

    Prediction: By the end of 2019, over 90% of the world’s http traffic will be secured over SSL/TLS

    How Browser Security Indicators Can Protect You from Phishing
    June 6, 2017 by Chris Bailey (Entrust), Kirk Hall (Entrust) Chrome DV Encryption EV Google Identity Phishing SSL/TLS

    The media is full of stories about how phishing sites are moving rapidly to encryption using anonymous, free DV certificates they use to imitate login pages for popular sites, such as paypal.com.

    As noted in the article PayPal Phishing Certificates Far More Prevalent than Previously Thought, more than 14,000 DV SSL certificates have been issued to PayPal phishing sites since the start of 2016.  Based on a random sample, 96.7% of these certificates were intended for use on phishing sites.

    Google to Give Priority Ranking to SSL Enabled Sites
    August 21, 2014 by Chris Bailey (Entrust) Announcement Google SSL/TLS

    Google’s announcement that it will give priority ranking to SSL enabled sites is a key milestone for increased use of SSL on the Internet.

    Google announced a change to its ranking algorithm to include use of SSL on the site as a “very lightweight [positive] signal”. Although, this might not have an immediate impact to website owners/operators that are not currently using SSL, this is still an important signal indicating everyone should be prepared to encrypt all their websites if they want to remain relevant.

    Participate in our community discussions and/or join the consortium