Important: information relating to the situation in Russia, Belarus and Ukraine. In response to the evolving geopolitical situation in Ukraine, many SSL certification authorities are suspending the issuance and reissuance of all types of certificates affiliated with Russia and Belarus. This includes suspending issuance and reissuance of certificates to TLDs related to Russia and Belarus, including .ru, .su, .by, .рф, as well as to organizations with addresses in Russia or Belarus. We ... Read More
What is Extended Validation (EV) and how important is it?
SSL certificates ensure the encryption and integrity of data exchanged between a browser and a web server. There are different levels of certificates, Extended Validation (EV), Organizational Validation (OV) and Domain Validation (DV), which vary depending on the degree of authentication. The Extended Validation type SSL certificate provides the highest level of SSL authentication. It is obtained through a comprehensive and globally standardized identity verification process established by ... Read More
New document : 5 minutes to understand SSL / TLS certificates
An SSL (Secure Socket Layer) or TLS (Transport Layer Security) certificate is a digital certificate that authenticates a server (most often a web server) and encrypts the data exchanged with it. The data is thus exchanged in confidence between two actors whose identity is known. The data exchanged cannot be spied on or altered by a third party: confidentiality and integrity. Download this document “5 minutes to understand: SSL / TLS certificates” on Nameshield’s website. ... Read More
Firefox 83 launches HTTPS-Only mode
On November 17, Mozilla released the version 83 of the Firefox browser, promising improved performance in terms of page loading and browsing responsiveness, as well as a significant reduction in the memory used. But above all, Mozilla introduces a brand-new security feature to the small world of browsers, an “HTTPS-Only Mode” option to limit browsing to secure HTTPS* connections only. Image source: Mozilla Security Blog Mozilla is pushing it further regarding the desire of ... Read More
The dangers of Wildcard certificates
Image source: skylarvision via Pixabay TLS/SSL certificates are used to authenticate servers (mostly Web) and encrypt traffic between websites and users. Thus, they ensure the integrity of the data exchanged and prevent data spying. The digitalization of the company and the world in general, as well as the browsers’ desire to impose HTTPS:// by default, have multiplied exponentially the need for certificates. To meet these growing needs, the wildcard certificate (*.domainname.com) i... Read More
Let’s Encrypt, do not confuse confidentiality and security
Let’s Encrypt was recently the subject of discussions in the small world of TLS certificates, by suddenly revoking 3 048 289 certificates which should not have been issued. A bug in its validation software prevented CAA registrations controls, and the certificates in question should not have been initially issued. These significant disruptions resulted from this mass revocation, but it is difficult to complain about a free service. I am often asked what I think of Let’s Encrypt, an... Read More
Apple announces the limitation of SSL certificates duration to 1 year in Safari
Source de l’image : kropekk_pl via Pixabay Apple announced this week that the maximum lifetime of SSL / TLS certificates on its devices and Safari browser would be limited to 398 days (1 year, and 1 month to cover the renewal period). The change, announced by Apple at the CA / Browser Forum meeting in Bratislava, Slovakia, will take effect for certificates issued after August 31, 2020. Apple’s announcement follows a failure of the CA / B Forum’s vote on one-year certificates (... Read More
Soon a maximum duration of one year for SSL certificates?
What is happening? The industry actors plan to reduce the lifetime of SSL/TLS certificates, allowing the HTTPS display in browsers, to 13 months, i.e. almost half of the present lifetime of 27 months, in order to improve security. Google through the CA/Browser Forum has indeed proposed this modification, approved by Apple and a Certification Authority, making it eligible to vote. During the next CA/B Forum meetings, if the vote is accepted, the modification of the requirements will co... Read More
The Nameshield SSL interface has had a complete makeover
More user-friendly, more comprehensive, more attractive… our brand new and improved Nameshield SSL interface is being launched on Thursday, June 13th allowing you to manage all of your certificates. You will now have access to key metrics on your certificate portfolio, to different certificate lookup views (such as complete portfolio, detailed overview, certificates nearing expiry, pending orders, expired or revoked certificates), to an Organization and Contact management tool and... Read More
GDPR – What is the impact on your SSL certificates?
The European Data Protection Regulation (GDPR) came into effect on 25th May and its impact on the management of your SSL certificates portfolio is not neutral. All Certification Authorities have previously always relied on the WHOIS of the domain name that needs to be certified in order to validate that the certificate applicant has the domain name technical operator’s agreement. In order to validate an order, one of the authentication steps involved sending an email to one of the email addr... Read More