PKI Consortium blog
Posts by tag ISO
5 Ways to Keep Up with Authentication Certificates
February 24, 2020 by Arvid Vermote Code Signing Encryption Identity ISO Malware Microsoft PKI SSL/TLS
When it comes to protecting an organization’s data and users, CISOs have no shortage of hurdles. Identity attacks have become sophisticated and convincing, thanks to ransomware, phishing and deep fakes. CISOs have long known the importance of strong identification and authentication controls, but with threats constantly changing and intensifying, having these controls in place is just one piece of the puzzle; they must be managed correctly in order to do their job.
Trust Indication Change in Google Chrome
August 24, 2016 by Bruce Morton (Entrust) Chrome EV Google ISO SSL/TLS
Google is making security icon changes in the Chrome status bar. The changes are based on a research paper prepared by members of Google and University of California, Berkeley. The research evaluated forty icons, seven complementary strings and surveyed 1,329 people. The goal is to make it easier for browser users to determine how secure their connection to a site is and indicate if the site is dangerous or deceptive. In addition, the icons are to indicate to people that HTTP is less secure than HTTPS.
Certificate Authority Audits and Browser Root Program Requirements
October 15, 2013 by Kirk Hall (Entrust) AICPA CA/Browser Forum CASC ETSI EV ISO ITU Microsoft Policy Qualified Root Program SSL/TLS WebTrust
Recent news stories have highlighted the need for strong security in online communications, and use of SSL certificates issued by a publicly trusted Certification Authority (CA) is perhaps the best way to achieve that. But why should the public trust SSL certificates issued from commercial CA roots, which are embedded as trust anchors in web browsers? One answer is because of the multiple layers of standards and tough requirements that all commercial CAs must meet – and for which they are audited every year.