Release Certificate Transparency Has Been Required on the Agenda

2017-01-03 09:31 Posted by: Yoko in News, SSL Go to Comment

Recently Google Chrome team has announced that Certificate Transparency (CT) will be commanded mandatorily for extensively accepted SSL Certificates in 2017. And then Facebook and Firefox all followed by making Certificate Transparency available.

Certificate Transparency (CT) is a part of SSL Certificates and Certificate Authorities (CA) as the most important improvements of the Web PKI infrastructure. CA is responsible for issuing certificates, then CT logs them so that every web visitors can see.

SSL Certificates are mostly used to protect the trading process with utilizing credit card, as well as logins and data transfer between web server and browser. In fact, SSL is small data file combining with a cryptographic key, and it can activate the padlock and the https protocol once the web site has installed on a web server.

So it is essential to guarantee the security of data so that more customers will choose to trust the web site. Also it can help rank higher in Google Search for Google considers SSL Certificates as high-level endorsement according to its guarantee of security.

Currently the significance of CT is to know better about the practices of Certificate Authorities (CAs) which also can be said as the companies who issue SSL certificates. If certificates are all publically logged, it will be more convenient for the users and industry watchdogs to monitor CT logs and some deceitfully issued certificates so that they can help ignore potential compromise or CA misconduct of CA.

In Google’s announcement, any certificate issued after October 2017 is considered that accepts with Chrome’s Certificate Transparency policy, so that web site can be trusted by Chrome, or else will be punished with full-page errors and becoming useless anyway.

As we know, certificate mis-issuance is a very common and potential harm in Web PKI. CA is more vulnerable when it is issuing a certificate, and can be easily attacked by hackers, or other faulty actions. CT is reliable after being tested for months, and has found out plenty of failures and mis-issuances successfully.

In Facebook, domain administrators and website masters are also provided convenience with Certificate Transparency monitoring tool. Whenever there is new certificate issuing for domains, this tool can help users search Certificate Transparency logs and build up new automatic monitoring more easily.

In November, Mozilla also announced that CT is available in Firefox. Mozilla is always praised by its outstanding transparent Root Program. And its CA team said that they are working on accomplishing the purpose of this policy, not what the purpose’s content is.

Previously, some researchers and large internet companies have ability to scan and monitor the certificates, but this will probably miss some unnormal issued certificates for their domains. And until CT appears, this problem can be solved.

CT is a very easy of use tool. With it everyone is able to search by domain name, and book email services once SSL certificate is settled for that domain. And it is visible to see the origin of each certificate, like its domains, subject information, validity period and the PEM formatted certificate. You can benefit from browsers with equipping CT. 

Related Articles

Things Beneath Red Hat’s and Oracle’s Earnings Reports
06/27
Red Hat and Oracle published their quarterly earnings reports which showed exciting results than previous expectation, so there must be lots of smiles in Redwood Shores and Raleigh this week. The good news also inspired their stock values that Red Hat’s increased by 10.6% in the early trading after the good news gave out, and Oracle got a 9% rise.
What Shippable’s Continuous Delivery Mean For MSPS?
06/26
The most challenging stage is the software release stage for developers. This process is repeated every single time you want to update your product, and it leads to slower releases which add no value to customers.
WMT vs. Amazon, S.F. Express vs. CaiNiao: Cloud Data Storage is Particularly Important
06/23
It is very clear that cloud data storage is the key reason that WMT requires the technology companies it is partnering in some business. Actually, there was a similar event happening in China, which was between S.F. Express and CaiNiao, because of the customer data interfaces. The exposed the fight between Alibaba Cloud and Tencent Cloud in the cloud data storage area.
Study Conducted in Digital Reality: Direct Connections to Cloud Bring 50X Less Latency
06/23
For enterprises that are considering making public cloud as a part of their data center solution, latency is one of the major problems they could face. For others who have already jumped in and started using public cloud the cost incurred becomes a problem. Others are able to predict this problem ahead and use public clouds in circumstances where latency will not pose a problem to them.
Microsoft Supports Newly Launched AMD EPYC 7000 Datacenter Processors
06/22
AMD newly launched advanced chips, the AMD Epyc 7000 series, which is for datacenter, and the chip giant hopes to use it to receive a comeback in servers. Microsoft decided to use this datacenter processor to support its Windows Azure platforms and its Windows Servers.
Comment
Be the first to comment!
About the author
Yoko
Views: 2161
Articles: 7

Author's Hot Articles

godaddy
hub

Hot Posts

Service Recommendation

Cloud Hosting
Cloud hosting is the fastest growing hosting solutions in the industry. »
Cloud Storage
Best Cloud Storage are named based on customer and expert reviews. »
SSL
The most popular SSL certificate providers in the industry are here. »
China Web Hosting
Find out a comprehensive evaluation to the host service provider in China. »
bluehost
Chat Advertising cooperation TOP