![A Look at 30 Key Cyber Crime Statistics [2023 Data Update]](https://www.thesslstore.com/blog/wp-content/uploads/2022/02/cyber-crime-statistics-feature2-75x94.jpg)
(No Ratings Yet)
Loading...Firefox Will Support Certificate Transparency
Certificate Transparency just took a huge step forward.
Mozilla has made a big announcement: “CT is coming to Firefox.” Certificate Transparency, abbreviated as CT, is an incredibly important tool for improving safety for publicly-trusted SSL certificates.
So far, all Mozilla has said is that Firefox will support Certificate Transparency. Its actual policy – including the criteria for log inclusion, and if/when SSL certificates will need to support CT – has not been formed.
Google, whose engineers invented Certificate Transparency, recently made a major announcement: A year from now (October 2017), Chrome will be requiring all SSL certificates support CT. Chrome has supported, but in most cases not required, CT for over a year. Other browsers have yet to do so because the system was still being perfected.
For those who are unfamiliar, Certificate Transparency is a new-ish addition to our industry. It is a system where Certificates Authorities (CAs) submit their issued certificates to publicly-searchable servers known as “logs.” These logs provide a way for anyone to search for and monitor issued certificates. As the name suggests, the goal is to provide transparency into a CA’s issuance practices.
It is important to know what certificates are being issued because it allows the community – including users and software that relies on publicly-trusted SSL (web browsers) – to spot non-compliance and mis-issuance. CT has already been used to spot multiple cases of CA malfeasance and has helped strengthen the security of Web PKI (the formal name for the entire system that comprises CAs and publicly-trusted SSL Certificates).
Without CT, the only way to know what certificates a CA is issuing is to stumble across them on the internet. Projects like censys.io have collected millions of certificates by conducting internet-wide scans of servers, but that method will always be incomplete. By getting the information directly from the source (the CAs themselves), CT provides better oversight.
The Certificate Transparency system is very similar to the CA system. CT logs can be operated by anyone (like CAs), and those logs can be valid sources for browsers provided they follow the necessary policies and practices (like Root Programs).
Mozilla is known for running an extremely transparent Root Program. It operates the program publicly on its mozilla.dev.security.policy mailing list and on the Bugzilla bug-tracking site. Recent incidents, like the discussion of how to respond to WoSign’s mis-issuances, received over 400 comments.
Gervase Markham, a member of Mozilla’s CA team who started the discussion topic about Certificate Transparency, said at this point Mozilla is trying “to work out the scope of the policy, not what the policy will be.”
If you have any thoughts on what Mozilla should consider, you can share them in the discussion thread.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown