Apple announces the limitation of SSL certificates duration to 1 year in Safari

Apple announced this week that the maximum lifetime of SSL / TLS certificates on its devices and Safari browser would be limited to 398 days (1 year, and 1 month to cover the renewal period). The change, announced by Apple at the CA / Browser Forum meeting in Bratislava, Slovakia, will take effect for certificates issued after August 31, 2020. Apple’s announcement follows a failure of the CA / B Forum’s vote on one-year certificates (Bulletin SC22), which was held in August 2019, and... Read More

The financial industry, the target of more and more costly attacks on the DNS

Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS. The Efficient IP’s Global DNS threat annual report shows a constant growth of the DNS attacks’ number and the financial impacts, with an average financial loss of 1.2 million euros in 2019. This amount was est... Read More

Soon a maximum duration of one year for SSL certificates?

What is happening? The industry actors plan to reduce the lifetime of SSL/TLS certificates, allowing the HTTPS display in browsers, to 13 months, i.e. almost half of the present lifetime of 27 months, in order to improve security. Google through the CA/Browser Forum has indeed proposed this modification, approved by Apple and a Certification Authority, making it eligible to vote. During the next CA/B Forum meetings, if the vote is accepted, the modification of the requirements will come into eff... Read More

The Nameshield SSL interface has had a complete makeover

More user-friendly, more comprehensive, more attractive… our brand new and improved Nameshield SSL interface is being launched on Thursday, June 13th allowing you to manage all of your certificates. You will now have access to key metrics on your certificate portfolio, to different certificate lookup views (such as complete portfolio, detailed overview, certificates nearing expiry, pending orders, expired or revoked certificates), to an Organization and Contact management tool and a redes... Read More

The Black swan time?

The actors and utility providers invade the connected world, benefiting from the innovations that the rest of the world opportunely provides them. It wouldn’t be a problem if we didn’t live in an age where hacking a power plant became possible. In 2015 and 2016, hackers shut down power to thousands of users in the middle of the Ukrainian winter. Since then, the American government openly admitted that foreign powers tried every day to take control of the energy grid control rooms of the United S... Read More

Can the DNS have an impact on the SEO?

This is a recurrent question from our customers: does the use of the DNS, whether it is good or bad, have an impact on the websites’ SEO? We have already discussed about the impact of a HTTPS website on the SEO, this is now the occasion to focus on the side of the DNS. The DNS is an invisible process, implemented in the background, it’s difficult to comprehend why it can help or affect a website’s performance and the ranking in search engines, more particularly on Google. This article will appro... Read More

Cyberattacks, the companies more and more efficient

Last September, Accenture published the research “Gaining Ground On the Cyber Attacker 2018 State of Cyber Resilience” and highlighted the doubling of the cyberattacks number suffered by the companies (232 on average in 2018 versus 106 in 2017 at international level), but also the improvement of the companies’ ability to identify and counter these attacks. The attacks number has more than doubled between 2017 and 2018… This research deserves attention as it differentiates from many very alarmist... Read More

Google makes HTTPS encryption mandatory for its 45 new TLDs : .dev / .app / .how…

In a recent article in this blog, we mentioned the arrival of Chrome 68 in July 2018 and the fact that HTTP will be considered “not secure” from then on. Well, this is not the only weapon that Google is planning to use to encourage large-scale adoption of encrypted websites. You may not be aware, but Google has submitted a number of applications to ICANN as part of the new TLD program, and as a registry, they have secured the management of 45 top-level domains*. Just as the .bank an... Read More

SSL certificates reduction to 2 years maximum

The CAB forum, organization which defines the SSL certificates issuing and management rules approved the SSL certificates reduction to a duration of 2 years against 3 previously. Initiated by the browsers Chrome and Mozilla heading, this decision moves in the direction of an always more secured Internet by forcing the actors to renew more often their security keys and to stay on the last standards of the market. This decision will be applicable to all Certification Authorities from March 1st 20... Read More

The CAA becomes mandatory in the small SSL’s world

Or how to benefit from it to implement a certification strategy specific to your company? In January 2013, a new type of DNS Resource Record has appeared to improve the control chain in the SSL certificates issuing. This record, called CAA for Certificate Authority Authorization, allows to specify for a given domain name which Certification Authorities are authorized to issue certificates. It’s an extremely interesting creation, in particular for big companies and groups, which technical teams ... Read More