PKI Consortium blog

Posts by tag ISO

    5 Ways to Keep Up with Authentication Certificates
    February 24, 2020 by Arvid Vermote Code Signing Encryption Identity ISO Malware Microsoft PKI SSL/TLS

    When it comes to protecting an organization’s data and users, CISOs have no shortage of hurdles. Identity attacks have become sophisticated and convincing, thanks to ransomware, phishing and deep fakes. CISOs have long known the importance of strong identification and authentication controls, but with threats constantly changing and intensifying, having these controls in place is just one piece of the puzzle; they must be managed correctly in order to do their job.

    Trust Indication Change in Google Chrome
    August 24, 2016 by Bruce Morton (Entrust) Chrome EV Google ISO SSL/TLS

    Google is making security icon changes in the Chrome status bar. The changes are based on a research paper prepared by members of Google and University of California, Berkeley. The research evaluated forty icons, seven complementary strings and surveyed 1,329 people.

    The goal is to make it easier for browser users to determine how secure their connection to a site is and indicate if the site is dangerous or deceptive. In addition, the icons are to indicate to people that HTTP is less secure than HTTPS. Below are representations of the old icons and the selected new icons which are to be used in Chrome.

    Certificate Authority Audits and Browser Root Program Requirements
    October 15, 2013 by Kirk Hall (Entrust) AICPA CA/Browser Forum CASC ETSI EV ISO ITU Microsoft Policy Qualified Root Program SSL/TLS WebTrust

    Recent news stories have highlighted the need for strong security in online communications, and use of SSL certificates issued by a publicly trusted Certification Authority (CA) is perhaps the best way to achieve that. But why should the public trust SSL certificates issued from commercial CA roots, which are embedded as trust anchors in web browsers?

    One answer is because of the multiple layers of standards and tough requirements that all commercial CAs must meet – and for which they are audited every year. These standards and requirements have increased from year to year over the past decade.

    Participate in our community discussions and/or join the consortium