Major Certificate Authorities Unite In The Name Of SSL Security

Comodo, DigiCert, Entrust, GlobalSign, Go Daddy, Symantec, and Trend Micro form Certificate Authority Security Council (CASC)

Amid growing concerns of threats to and the integrity of the certificate authority (CA) infrastructure, the worlds biggest CAs have banded together to promote and evolve stronger website security.
We felt SSL needed a leader, says Jeremy Rowley, associate general counsel for DigiCert, which, along with Comodo, Entrust, GlobalSign, Go Daddy, Symantec, and Trend Micro, today officially launched the new organization. We felt a group of CAs, rather than one CA, was a better approach, he says.
The first line of business for the new
Certificate Authority Security Council (CASC)
is to push the adoption of online certificate status protocol (OCSP) stapling for Web server administrators, software vendors, browser makers, and end users. OCSP stapling is a method of revoking invalid or expired digital certificates. Its an enhancement to the OCSP protocol that basically eliminates the need for Web users to check OCSP responses with the CA, and is more efficient because the Web server caches the response from the CA.
In OCSP stapling, the Web server goes to the CA, gets a response signed by the CA, and keeps it at the Web server. So when the browser goes there in the SSL handshake ... it gets a response right away, says Bruce Morton, director of certificate services for Entrust. Theres less latency to users of that site. Its a performance enhancement a lot of users are looking for.
CASC plans to serve as a research, security advocacy, and education organization for the SSL CA world, its founders say. It plans to support the work of the CA/Browser Forum and other standards bodies, and to help develop enhancements to SSL and the security and operation of the CA process.
CASC is not a standards body. Instead, we will work on helping people understand the critical polices on SSL and ... promote best practices in advancing the trust of CA operations, DigiCerts Rowley says. Our main goal is to be an authoritative resource on SSL.
The organization also hopes to stem the problem of
improperly configured SSL certificates on Web servers
that has been spotlighted by the
Qualys SSL Labs project
, headed up by Qualys director of engineering Ivan Ristic.
One of the things were already talking about are some websites out there are improperly configuring SSL certs on their server, Rowley says. So some of the things we are going to be releasing are documents to help with that.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Major Certificate Authorities Unite In The Name Of SSL Security