DigiCert Statement on Trustico Certificate RevocationResources Explore these pages to discover how DigiCert is helping organizations establish, manage and extend digital trust to solve real-world problems. BLOG > PR & NEWS > EVENTS > CASE STUDIES > WEBINARS >
CAA Record Generator
Over a hundred certificate authorities (CAs) have the power to issue certificates which vouch for the identity of your website. Certificate Authority Authorization (CAA) is a way for you to restrict issuance to the CAs you actually use so you can reduce your risk from security vulnerabilities in all the others. Setting up CAA is an easy way to improve your website's security. Learn More
Removing Disabled WoSign and StartCom Certificates from Firefox 58 – Mozilla Security Blog
Removing Disabled WoSign and StartCom Certificates from Firefox 58 In October 2016, Mozilla announced that, as of Firefox 51, we would stop validating new certificates chaining to the root certificates listed below that are owned by the companies WoSign and StartCom. The announcement also indicated our intent to eventually completely remove these root certificates from Mozilla’s Root Store, so tha
DigiCert to Acquire Symantec's Website Security Business
MOUNTAIN VIEW, Calif. and LEHI, Utah – August 2, 2017 – Symantec Corp. (NASDAQ:SYMC), the world’s leading cyber security company, and DigiCert Inc., a leading provider of scalable identity and encryption solutions for the enterprise, today announced an agreement under which DigiCert will acquire Symantec’s Website Security and related PKI solutions. Under the terms of the agreement, Symantec will
Google Cloud services are switching Certificate Authority | Google Cloud Blog
Earlier this year, Google announced that we had established Google Trust Services to operate our own Root Certificate Authority on behalf of Google and Alphabet. Preparations are proceeding apace and customers that rely on Google services—including Google Cloud services such as Compute Engine, Gmail and others—should be aware that Google will soon begin using a different Certificate Authority (CA)
Godaddyã®SSL証明書ã«ãƒ‰ãƒ¡ã‚¤ãƒ³èªè¨¼ã®è„†å¼±æ€§ãŒã‚ã‚Š8850件ã®è¨¼æ˜Žæ›¸ãŒå¤±åŠ¹ã•ã‚ŒãŸ
エグゼクティブサマリ GoDaddy社ã®ç™ºè¡Œã™ã‚‹ãƒ‰ãƒ¡ã‚¤ãƒ³èªè¨¼SSL証明書ã«èªè¨¼ä¸å‚™ã®è„†å¼±æ€§ãŒã‚ã‚Šã€äºˆé˜²çš„ãªå‡¦ç½®ã¨ã—ã¦8850件ã®ç™ºè¡Œæ¸ˆè¨¼æ˜Žæ›¸ãŒå¤±åŠ¹ã•ã‚ŒãŸã€‚ã“ã‚Œã¯åŒæœŸé–“ã«ç™ºè¡Œã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®2%未満ã§ã‚る。ç¾åœ¨ã¯è„†å¼±æ€§ã¯è§£æ¶ˆã•ã‚Œã¦ã„る。 æ¦‚è¦ GoDaddy社ã¯ç±³å›½ã®ãƒ›ã‚¹ãƒ†ã‚£ãƒ³ã‚°ï¼ˆãƒ¬ãƒ³ã‚¿ãƒ«ã‚µãƒ¼ãƒãƒ¼ï¼‰ã‚„レジストラã®å¤§æ‰‹ã§ã€èªè¨¼å±€ï¼ˆCA)ã®äº‹æ¥ã‚‚手ãŒã‘ã¦ã„ã¾ã™ã€‚ GoDaddyãŒç™ºè¡Œã™ã‚‹ãƒ‰ãƒ¡ã‚¤ãƒ³èªè¨¼è¨¼æ˜Žæ›¸ã®èªè¨¼æ‰‹ç¶šãã«ä¸å‚™ãŒã‚ã£ãŸã¨ã—ã¦å ±å‘Šã•ã‚Œã¦ã„ã¾ã™ã€‚ In a typical process, when a certificate authority, like GoDaddy, validates a domain name for an SSL certificate, they provide a random code to the customer and ask them to p
Amazon Trust Services LLC
© 2024, Amazon Trust Services LLC Amazon Trust Services is part of the Amazon.com, Inc. group of companies. For more details, please contact: Amazon Trust Services 410 Terry Avenue North Seattle, Washington 98109 United States Telephone: +1-206-765-2092 Please see our repository for certificate problem reporting contacts.
ã€ç¿»è¨³ã€‘WoSign 㨠StartCom ã«ã‚ˆã‚‹ä»Šå¾Œã®è¨¼æ˜Žæ›¸ã¯æ‹’å¦ã—ã¾ã™ - Mozilla Security Blog 日本語版
ã“ã®è¨˜äº‹ã¯ã€2016 å¹´ 10 月 24 日付㧠Mozilla Security Blog ã«æŠ•ç¨¿ã•ã‚ŒãŸ Distrusting New WoSign and StartCom Certificates(ç†è€…: kwilson)ã®ç¿»è¨³ã§ã™ã€‚ã“ã®ç¿»è¨³ã¯å…¬å¼ãªã‚‚ã®ã§ã¯ã‚ã‚Šã¾ã›ã‚“。詳ã—ãã¯ã“ã¡ã‚‰ã‚’ã”覧ãã ã•ã„。 WoSign ã¨ã„ã†èªè¨¼å±€ï¼ˆCA)ãŒæŠ€è¡“é¢ã¨é‹ç”¨é¢ã«ãŠã„ã¦å¤šãã®å¤±æ…‹ã‚’犯ã—ã¦ã„ãŸã“ã¨ã€ã‚ˆã‚Šæ·±åˆ»ãªã“ã¨ã«ã¯ã€2016 å¹´ 1 月 1 日をもã£ã¦ SHA-1 SSL 証明書を発行ã§ããªããªã‚‹æœŸé™ã‚’回é¿ã™ã‚‹ãŸã‚ã€ç™ºè¡Œæ—¥ã‚’å¤ã„日時ã«æ”¹ã–ã‚“ã—ã¦è¨¼æ˜Žæ›¸ã®ç™ºè¡Œã‚’è¡Œã£ã¦ã„ãŸã“ã¨ã‚’ Mozilla ã¯ç¢ºèªã—ã¾ã—ãŸã€‚ã•ã‚‰ã«ã€åˆ¥ã® CA ã§ã‚ã‚‹ StartCom ã®æ‰€æœ‰æ¨©ã‚’ WoSign ãŒå®Œå…¨ã«ä¿æœ‰ã—ã¦ã„ã‚‹ã«ã‚‚é–¢ã‚らãšã€Mozilla ã®è¦æ±‚ã™ã‚‹ãƒãƒªã‚·ãƒ¼ã«åã—ã¦ã“ã®äº‹å®Ÿã‚’公開ã—ã¦ã„ãªã‹ã£ãŸã“ã¨ã‚‚判明ã—ã¾
ä¸å›½æœ€å¤§ã®èªè¨¼å±€ã€ŒWoSignã€ãŒè¨¼æ˜Žæ›¸ç™ºè¡Œæ—¥æ”¹ç«„ãªã©ã‚’è¡Œã£ã¦ã„ãŸã¨ã—ã¦FirefoxãŒãƒ–ãƒãƒƒã‚¯ã®æ–¹é‡
by Eljay ä¸å›½æœ€å¤§ç´šã®èªè¨¼å±€ã€Œæ²ƒé€š(WoSign)ã€ãŒãƒ‹ã‚»è¨¼æ˜Žæ›¸ã‚’発行ã—ã¦ã„ãŸå•é¡Œã§ã€ã‚¦ã‚§ãƒ–ブラウザã®1ã¤ãƒ»FirefoxãŒWoSignã®è¨¼æ˜Žæ›¸ã‚’ブãƒãƒƒã‚¯ã™ã‚‹æ–¹é‡ã‚’固ã‚ã¾ã—ãŸã€‚ WoSign and StartCom - Google Docs https://docs.google.com/document/d/1C6BlmbeQfn4a9zydVi2UvjBGv6szuSB4sMYUcVrR8vQ/ Firefox ready to block certificate authority that threatened Web security | Ars Technica http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-we
Upcoming Changes to Root Certificates in Firefox on Windows
For organizations interested in supporting Firefox on Windows in a managed environment, a longstanding hurdle has been that Firefox does not use the underlying platform’s certificate database when verifying TLS web server certificates. As an organization, having a separate transparent and open certificate authority program furthers Mozilla’s goal of fostering the open web. However, for users in ma
ep23 Let's Encrypt | mozaic.fm
Theme 第 23 回ã®ãƒ†ãƒ¼ãƒžã¯ Let's Encrypt ã§ã™ã€‚ 今回ã¯ã€åŒ¿åã®ã‚²ã‚¹ãƒˆã¨ã—㦠PKI ã®ã‚¹ãƒšã‚·ãƒ£ãƒªã‚¹ãƒˆã€Œå…ˆç”Ÿã€ã‚’ãŠè¿Žãˆã—ã¦ã€ HTTPS 化推進ã®è¦ã§ã‚ã‚‹ Let's Encrypt ã‚’ãã£ã‹ã‘ã«ã€è¿‘年多発ã—ã¦ã„る「CA ã¯ä¿¡ç”¨ã§ãã‚‹ã®ã‹å•é¡Œã€ã‚‚è¸ã¾ãˆãªãŒã‚‰ã€ä»Š CA ã‚’å«ã‚㟠PKI ã®ä¸–界㧠「今何ãŒãŠã“ã£ã¦ã„ã‚‹ã®ã‹ã€ã¨ã€Œã“ã‚Œã‹ã‚‰ã©ã†ãªã£ã¦ã„ãã®ã‹ã€ã«ã¤ã„ã¦è°è«–ã—ã¾ã—ãŸã€‚ 先生 ã¯ã€ã‚¨ãƒ”ソードã®æœ€å¾Œã«ãŠã£ã—ゃã£ã¦ã„ãŸã‚ˆã†ã«ã€ã“ã® mozaic.fm ã®ä¸»æ—¨ã«è³›åŒã—ã¦ã€è‰²ã€…調整ã®çµæžœåŒ¿åã¨è¨€ã†å½¢ã§ç‰¹åˆ¥ã«å‡ºã¦ä¸‹ã•ã„ã¾ã—ãŸã€‚ 先生ã®å£°ã¨è©±ã‹ã‚‰ã€èª°ã ãŒåˆ†ã‹ã‚‹äººã‚‚ã„ã‚‹ã¨æ€ã„ã¾ã™ãŒã€ãã“ã¯è‰²ã€…察ã—ã¦å¤§äººãªå¯¾å¿œã‚’ãŠé¡˜ã„ã—ã¾ã™ã€‚ Show Note 00:00 Intro Let's Encrypt é›»åフãƒãƒ³ãƒ†ã‚£ã‚¢è²¡å›£(EFF) https-everywhere 09:15 ãª
ä¸å›½æœ€å¤§ç´šã®èªè¨¼å±€ã€ŒWoSignã€ãŒãƒ‹ã‚»ã®è¨¼æ˜Žæ›¸ã‚’発行ã—ã¦ã„ãŸã“ã¨ãŒåˆ¤æ˜Ž
by Barney Moss ç„¡æ–™ã§SSL証明書を発行ã—ã¦ãれるã“ã¨ã§ã€å¤šãã®è‡ªå®…サーãƒãƒ¼ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é‡å®ã•ã‚Œã¦ã„ã‚‹ä¸å›½æœ€å¤§ç´šã®èªè¨¼å±€ã€Œæ²ƒé€š(WoSign)ã€ãŒã€ã€Œå½ç‰©ã®è¨¼æ˜Žæ›¸ã€ã‚’大é‡ã«ç™ºè¡Œã—ã¦ã„ãŸã“ã¨ãŒæ˜Žã‚‰ã‹ã«ãªã‚Šã¾ã—ãŸã€‚ The story of how WoSign gave me an SSL certificate for GitHub.com | Schrauger.com https://www.schrauger.com/the-story-of-how-wosign-gave-me-an-ssl-certificate-for-github-com Thoughts and Observations: Chinese CA WoSign faces revocation after possibly issuing fake certificates of Github,
Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains
A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain. The certificate authority, named WoSign, issued a base certificate for the Github domains to an unnamed GitHub user. But How? First of all, do you know, the traditional Digital Certificate Managemen
Name Constraints を使ã£ãŸç‹¬è‡ªCAã®é‹ç”¨æ‰‹é †
ウェブブラウザãŒæ–°æ©Ÿèƒ½ã‚’HTTPSã§ã—ã‹æœ‰åŠ¹ã«ã—ãªã„ã“ã¨ãŒå¤šããªã£ã¦ããŸã®ã§ã€é–‹ç™ºç’°å¢ƒã§ã‚‚HTTPSを使ã„ãŸã„。ã§ã‚‚ã€é–‹ç™ºç’°å¢ƒç”¨ã«ã‚µãƒ¼ãƒè¨¼æ˜Žæ›¸ã‚’è²·ã†ã®ã¯æ‰‹é–“。Let's Encryptã‚‚é‹ç”¨ãŒã‚ã‚“ã©ãã•ã„ã¨ã‹ã€ç¤¾å†…ã‹ã‚‰ã—ã‹ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„サーãƒã¸ã®è¨¼æ˜Žæ›¸ç™ºè¡ŒãŒé›£ã—ã„ã¨ã‹ã„ã‚ã„ã‚ã‚ã‚‹ã—…ã£ã¦ãã“ã§Name Constraintsを使ã£ãŸç‹¬è‡ªCAã§ã™ã‚ˆå¥¥ã•ã‚“。 Name Constraints ãŒä½•ã§ã‚ã‚‹ã‹ã«ã¤ã„ã¦ã¯ã€ä»¥å‰ã‚ªãƒ¬ã‚ªãƒ¬èªè¨¼å±€ã®é©åˆ‡ãªé‹ç”¨ã¨Name Constraintsã«æ›¸ã„ãŸã¨ãŠã‚Šã€‚ 本稿ã§ã¯ã€Name Constraintsを使ã†CAã®é‹ç”¨æ‰‹é †ã‚’説明ã™ã‚‹ã€‚ 1. CAéµã¨è¨¼æ˜Žæ›¸ã®ä½œæˆ 1.1. CAã®ç§˜å¯†éµã‚’ä½œæˆ % openssl genrsa -out ca.key 2048 1.2. openssl.cnfã«CA証明書ã«è¨å®šã™ã‚‹å±žæ€§ã‚’指定ã™ã‚‹ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’追記 [priva
1
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
Chrome’s Plan to Distrust Symantec Certificates
0.me.uk
Certificate Transparency Deadline Moved to April 2018
The foundation of a more secure web
{{#tags}}- {{label}}
{{/tags}}