CA/B Forum and Industry Update. Dean Coclin Sr. Director of Business Development Chair CA/B Forum
|
|
- Marcia Wilkins
- 5 years ago
- Views:
Transcription
1 CA/B Forum and Industry Update Dean Coclin Sr. Director of Business Development Chair CA/B Forum
2 Agenda 1 What s new in the Industry? 2 Phishing 3 Update from the CA/B Forum Copyright 2014 Symantec Corporation 2
3 1 What s new in the industry 2 Phishing 3 Update from the CA/B Forum Copyright 2014 Symantec Corporation 3
4 http will become a thing of the past Copyright 2014 Symantec Corporation 4
5 Browsers will warn users of non-https connections Chrome plans to warn users when pages are insecure (non-https) Type chrome://flags and select: Mark nonsecure origins as non-secure to test behavior 5
6 Firefox warnings When passwords are requested over http:
7 Chrome to Present Similar Warnings Symantec Corporation 7
8 US Government moving to all https See: pulse.cio.gov Out of 1166 domains!
9 Powerful features only on https 1. Geolocation (Chrome 50) 2. Device Motion/Orientation 3. Fullscreen 4. getusermedia (Camera/Mic) 5. Encrypted Media Extension (DRM) See:
10 http2 over https only Chrome, Firefox, IE, Edge, Safari, Opera Significantly faster!
11 Improved referrer data http Website Operator: Where did that guy come from? Source (https): Sorry I can t tell you because you are not using https MORAL: Use https for your own site and improve your referrer data!
12 Google giveth SMTP TLS Connection GUI in gmail No encryption According to Netcraft, 82% of mail servers don t have a publicly trusted SSL cert yet Use publicly trusted certs for mail servers With encryption certificate
13 And google taketh away Potential removal of EV treatment in Chrome Claim: users don t understand and can t differentiate Not imminent as it currently is the stick to force CAs to use CT for EV
14 https is coming to a domain near you Google Blogspot Google Analytics Reddit Wikimedia.gov Wordpress yell.com Bitly (for URL shorteners) Shopify
15 What do these mean? Consistent, Universal, Global, No learning curve! Copyright 2014 Symantec Corporation 15
16 Consistency Matters Copyright 2014 Symantec Corporation 16
17 Industry Stats +65% growth from Aug 2015 August 2016: 5.97M certs DV OV EV 76.1% 21% 3.1%
18 Top Million Busiest Sites All Certificates EV, 3% Top Million EV, 16% OV, 21% DV, 47% DV, 76% OV, 37% DV OV EV DV OV EV Source: Netcraft Data May 2016
19 Market Share Top Million 40% Top Million Netcraft Sites 35% 30% 25% 20% 15% 10% 5% 0% Symantec Comodo GoDaddy Digicert Globalsign Entrust Startcom Let's Encrypt Other Market Share - Top Million
20 Number of certificates Certificates Switching to Let s Encrypt 1,600 1,400 1,200 1, Comodo StartCom Symantec GoDaddy WoSign GlobalSign Other DigiCert QuoVadis Unizeto Network Solutions Source of gained certificates Trustwave Entrust.net TAIWAN-CA 2016 Symantec Corporation 20
21 Dean s Predictions Certificate usage will continue to grow 6.5 to 7.5M in 12 months Fueled by https initiatives (search ranks, powerful features, negative browser UI) SNI servers will show increased growth SHA-1 usage will decline dramatically (and so will XP!) Phishing using DV certs will continue to increase Chrome will be on the bleeding edge of changes and enforcements IPv6 will finally be adopted for CRL and OCSP lookups
22 1 What s new in the industry 2 Phishing Update from the CA/B Forum Copyright 2014 Symantec Corporation 22
23 Phishing certs found by Netcraft (August 2016) STRATO AG, 1% SSL.com, 1%, Starrtcom, 2% WoSign, 5% Amazon, 0%, Globalsign, 4%, 35% of Comodo certs issued by Cloudflare Symantec, 6% Let's Encrypt, 10% Comodo, 61% GoDaddy, 9%,
24 Recent phishing example sites Let s Encrypt paypal-4updates.com icloud-unlock.pl icloud-lostapple.info restore-amazon.com intl-paypal.hotchat.online Comodo net-flix.one amazom.ml paypal-security.center p.aypal.info safe-payment.online pypal-account-information.info Copyright 2014 Symantec Corporation 24
25 Summary DV: Easy to get by legitimate users and cybercriminals Phishers getting more adept at creating look-alike domains xn 80aj7b8a.com еьау.com xn secure-ank-yzi.com secure-ьank.com ltunes.com paypl.com ww.vv-paypal.com icl0ud.ru.com Ecosystem partners must work together
26 1 What s new in the industry 2 Phishing 3 Update from the CA/B Forum Copyright 2014 Symantec Corporation 26
27 What do you know about the CA/B Forum? TRUE OR FALSE: Anyone can join the CA/B Forum as a voting member The Forum s latest member is from the Ukraine Firefox supports short lived certificates Code Signing Requirements will go into effect next year A working group was formed to change the governance of the forum A ballot to report mis-issued certificates failed 27
28 CAB Forum: What s new since last year? New members: Amazon, Let s Encrypt, ComSign, GDCA Members suspended: Visa Governance Change Working Group formed F2F meetings held in Istanbul, Scottsdale, Bilbao Upcoming meetings in Redmond, Cupertino (2017), Berlin (2017) Failed Ballots in 2015: Certificate Mis-Issuance All publicly trusted CAs, whether members of CABF or not, must adhere to guidelines! 28
29 Current Topics Code Signing Working Group: Baseline Requirements BALLOT FAILED! BUT: Microsoft adopts BRs as of Feb 1, 2017 Certificate Mis-issuance, Short Lived Certificates BALLOTS FAILED! Governance Change: Other types of certificates SHA-1 for payment processors EV Wildcards 29
30 Q & A Copyright 2014 Symantec Corporation 30
31 Thank you! Dean Coclin Copyright 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements
Chair of Network Architectures and Services Department of Informatics Technical University of Munich In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements
More informationCOMODO CA SSL CERTIFICATES
COMODO CA SSL CERTIFICATES Key Features and Comparisons Thank you for considering Comodo CA as your SSL security provider. This document contains a feature and price comparison of the Comodo range of certificates.
More informationCOMODO CA SSL CERTIFICATES
COMODO CA SSL CERTIFICATES Key Features and Comparisons Thank you for considering Comodo CA as your SSL security provider. This document contains a feature and price comparison of Comodo s range of certificates.
More informationCA/Browser Forum. To effect positive changes to improve Internet security June 9, Atsushi Inaba.
CA/Browser Forum To effect positive changes to improve Internet security June 9, 2015 Atsushi Inaba atsushi.inaba@globalsign.com (C) GMO GlobalSign K.K. All Rights Reserved. Agenda 1. CA/Browser Forum
More informationTHE BUSINESS VALUE OF EXTENDED VALIDATION
THE BUSINESS VALUE OF EXTENDED VALIDATION How Internet Browsers Support EV and Display Trusted Websites +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Objectives Page 4 How to bring
More informationBugzilla ID: Bugzilla Summary:
Bugzilla ID: Bugzilla Summary: CAs wishing to have their certificates included in Mozilla products must 1) Comply with the requirements of the Mozilla CA certificate policy (http://www.mozilla.org/projects/security/certs/policy/)
More informationSSL247 SHA-2 MIGRATION
SSL247 SHA-2 MIGRATION Table of contents SHA-1 deprecation, moving to SHA-2...1 SHA-2 Compatibility...5 What is SHA-1 and why it is being deprecated?...1 OS, Browser and Server support...5 What is SHA-2?...1
More informationSSL247 SHA-2 MIGRATION
SSL247 SHA-2 MIGRATION Table of contents SHA-1 deprecation, moving to SHA-2...1 SHA-2 Compatibility...5 What is SHA-1 and why it is being deprecated?...1 OS, Browser and Server support...5 What is SHA-2?...1
More informationCertificate Updates for Polycom Trio Solution with UC Software 5.8.0AA
TECHNICAL UPDATE January 2019 3725-24444-005A with UC Software Polycom, Inc. 1 Copyright 2019, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another language
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationSSL / TLS. Crypto in the Ugly Real World. Malvin Gattinger
SSL / TLS Crypto in the Ugly Real World Malvin Gattinger 2016-03-17 SSL/TLS Figure 1: The General Picture SSL or TLS Goal: Authentication and Encryption Secure Sockets Layer SSL 1 (never released), 2 (1995-2011)
More informationCertification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive
Certification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive Asseco Data Systems S.A. Podolska Street 21 81-321 Gdynia, Poland Certum - Powszechne
More informationSSL/TLS and Why the CA System is Broken
SSL/TLS and Why the CA System is Broken or: How China can read your email James Schwinabart james@schwinabart.com September 6, 2011 What is SSL/TLS? Secure Sockets Layer or Transport Layer Security A protocol
More informationTrusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN
Trusted Identities Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN WHAT YOU WILL LEARN TODAY Strong identity verification as a security measure and business enabler Authentication
More informationCertCentral Public SSL/TLS Certificate CT Logging Guide
CertCentral Public SSL/TLS Certificate CT Logging Guide Version 1.2 Table of Contents 1 Logging Public SSL/TLS Certificates to Public CT Logs... 3 1.1 Will DigiCert Log All Certificates to Public CT Logs?...
More informationCertCentral API Public SSL/TLS Certificate Transparency Opt Out Guide
CertCentral API Public SSL/TLS Certificate Transparency Opt Out Guide Version 1.3 Table of Contents 1 Logging Public SSL/TLS Certificates to Public CT Logs... 3 1.1 Will DigiCert Log All Certificates to
More informationLegacy of Heartbleed: MITM and Revoked Certificates. Alexey Busygin NeoBIT
Legacy of Heartbleed: MITM and Revoked Certificates Alexey Busygin busygin@neobit.ru NeoBIT Notable Private Key Leaks 2010 DigiCert Sdn Bhd. issued certificates with 512-bit keys 2012 Trustwave issued
More informationQUALYS SECURITY CONFERENCE Qualys CertView. Managing Digital Certificates. Jimmy Graham Senior Director, Product Management, Qualys, Inc.
18 QUALYS SECURITY CONFERENCE 2018 Qualys CertView Managing Digital Certificates Jimmy Graham Senior Director, Product Management, Qualys, Inc. Agenda Introduction Evolving browser markers Introducing
More informationComodo Certificate Manager Software Version 5.0
Comodo Certificate Manager Software Version 5.0 Introducing The Certificate Dashboard Comodo CA Limited, 3rd Floor, 26 Office Village, Exchange Quay, Trafford Road, Salford, Greater Manchester M5 3EQ,
More informationComodo Certificate Manager
Comodo Certificate Manager Simple, Automated & Robust SSL Management from the #1 Provider of Digital Certificates 1 Datasheet Table of Contents Introduction 3 CCM Overview 4 Certificate Discovery Certificate
More informationBlue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7
Blue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7 Legal Notice Copyright 2018 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the
More informationUser Guide. We protect more people from more online threats than anyone in the world.
User Guide We protect more people from more online threats than anyone in the world. Care for our Environment, It's the right thing to do. Symantec has removed the cover from this manual to reduce the
More informationWhen HTTPS Meets CDN
When HTTPS Meets CDN A Case of Authentication in Delegated Service Jinjin Liang 1, Jian Jiang 1, Haixin Duan 1, Kang Li 2, Tao Wan 3, Jianping Wu 1 1 Tsinghua University 2 University of Georgia 3 Huawei
More informationDANE, why we need it. Daniel Stirnimann Bern, 29. March SWITCH 1
DANE, why we need it Daniel Stirnimann daniel.stirnimann@switch.ch Bern, 29. March 2017 2017 SWITCH 1 Why do we trust this website? 2017 SWITCH 2 Why do we trust this website? 1. DNS lookup for www.credit-suisse.com
More informationH O W T O I N S T A L L A N S S L C E R T I F I C A T E V I A C P A N E L
H O W T O I N S T A L L A N S S L C E R T I F I C A T E V I A C P A N E L A R E S O U R C E F R O M M A K E M E B A I T. C O M B Y R A K T I M D U T T A How to Activate & Install an SSL Certificate in
More informationBlue Coat Security First Steps Solution for Controlling HTTPS
Solution for Controlling HTTPS SGOS 6.5 Legal Notice Copyright 2017 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the Blue Coat logo are trademarks
More informationComodo Certificate Manager Software Version 5.6
Comodo Certificate Manager Software Version 5.6 Introducing The Certificate Dashboard Comodo CA Limited, 3rd Floor, 26 Office Village, Exchange Quay, Trafford Road, Salford, Greater Manchester M5 3EQ,
More informationPartner Information. Integration Overview Authentication Methods Supported
Partner Information Partner Name Product Name Integration Overview Authentication Methods Supported Client Integration F5 Networks FirePass VPN User Name - Security Code User Name - Password - Security
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationSecurity Best Practices. For DNN Websites
Security Best Practices For DNN Websites Mitchel Sellers Who am I? Microsoft MVP, ASPInsider, DNN MVP Microsoft Certified Professional CEO IowaComputerGurus, Inc. Contact Information msellers@iowacomputergurus.com
More informationNetScaler 2048-bit SSL Performance
WHITE PAPER NetScaler Performance NetScaler 2048-bit SSL Performance July 2010 www.citrix.com/netscaler Overview NetScaler 9.2 boosts SSL performance with 2048-bit keys 5X to meet the needs of customers
More informationSecurity Guide Release 4.0
[1]Oracle Communications Session Monitor Security Guide Release 4.0 E89197-01 November 2017 Oracle Communications Session Monitor Security Guide, Release 4.0 E89197-01 Copyright 2017, Oracle and/or its
More informationPartner Information. Integration Overview. Remote Access Integration Architecture
Partner Information Partner Name Product Name Integration Overview Authentication Methods Supported Client Integration OTP Barracuda Networks Barracuda SSL VPN User Name + Security Code VIP Enterprise
More informationSSL. Ensure trust with our premium service
SSL Ensure trust with our premium service SSL Our new automated SSL service will ensure that your lead times for the issuing of SSL Certificates will match the best standards on the market. Find out more
More informationMitel MiVoice Connect Security Certificates
Application Note - AN16036 MT App Note 16036 (AN 16036) May, 2018 Mitel MiVoice Connect Security Certificates Description: This Application Note describes the use of security certificates in Mitel MiVoice
More informationSymantec Protection Center Getting Started Guide. Version 2.0
Symantec Protection Center Getting Started Guide Version 2.0 Symantec Protection Center Getting Started Guide The software described in this book is furnished under a license agreement and may be used
More informationSymantec Ghost Solution Suite Web Console - Getting Started Guide
Symantec Ghost Solution Suite Web Console - Getting Started Guide Symantec Ghost Solution Suite Web Console- Getting Started Guide Documentation version: 3.3 RU1 Legal Notice Copyright 2019 Symantec Corporation.
More informationIPv6 Classification. PacketShaper 11.8
PacketShaper 11.8 Legal Notice Copyright 2017 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the Blue Coat logo are trademarks or registered trademarks
More informationLet s Encrypt and DANE
Let s Encrypt and DANE CaribNOG 13 Barbados 18 Apr 2017 The Deploy360 Programme The Challenge: The IETF creates protocols based on open standards, but some are not widely known or deployed People seeking
More informationHTTPS and the Lock Icon
Web security HTTPS and the Lock Icon Goals for this lecture Brief overview of HTTPS: How the SSL/TLS protocol works (very briefly) How to use HTTPS Integrating HTTPS into the browser Lots of user interface
More informationWeb Applications Installation. version
version 2017.1 Disclaimer This document is for informational purposes only and is subject to change without notice. This document and its contents, including the viewpoints, dates and functional content
More informationAttacks on the Internet Trust Fabric
Attacks on the Internet Trust Fabric The Impact to Enterprise Trust sales@digicert.com www.digicert.com +1 (801) 877-2100 About DigiCert Table of Contents Slide Title 3 Recent Attacks On Certification
More informationA Free, Automated, and Open Certificate Authority. Josh Aas Co-Founder, Executive Director
A Free, Automated, and Open Certificate Authority Josh Aas Co-Founder, Executive Director What is HTTPS HTTPS is HTTP over a connection secured by TLS (used to be called SSL). It s how websites encrypt
More informationThe Cisco HCM-F Administrative Interface
CHAPTER 5 This chapter contains information on the following topics: Overview of Cisco HCM-F Administrative Interface, page 5-1 Browser Support, page 5-2 Login and Logout, page 5-4 Online Help, page 5-5
More informationOracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016
Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E69079-01 June 2016 Copyright 2016, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided
More informationWeb Applications Installation. version 12.17
version 12.17 Disclaimer This document is for informational purposes only and is subject to change without notice. This document and its contents, including the viewpoints, dates and functional content
More informationEffective date: August 28, AdvancedMD Online Privacy Statement
Effective date: August 28, 2018 AdvancedMD Online Privacy Statement This Privacy Statement explains how AdvancedMD uses and discloses personal information that we collect from people who visit our websites
More informationCertDigital Certification Services Policy
CertDigital Certification Services Policy Page: 2 ISSUED BY : DEPARTAMENT NAME DATE ELECTRONIC SERVICES COMPARTMENT COMPARTMENT CHIEF 19.03.2011 APPROVED BY : DEPARTMENT NAME DATE MANAGEMENT OF POLICIES
More informationPRIVACY POLICY Let us summarize this for you...
PRIVACY POLICY Let us summarize this for you... We promise to never sell your personal information. This site collects usage information to provide a better web experience for our users. If you purchase
More informationRemote Asset Manager. Version 2.2. Administrator's Guide
Remote Asset Manager Version 2.2 Administrator's Guide April 2018 www.lexmark.com Contents 2 Contents Change history... 3 Overview... 4 Deployment readiness checklist...5 Getting started... 6 Installing
More informationSymantec Validation & ID Protection Service. Integration Guide for Microsoft Outlook Web App
Symantec Validation & ID Protection Service Integration Guide for Microsoft Outlook Web App 2 Symantec VIP Integration Guide for Microsoft Outlook Web App The software described in this book is furnished
More information+1 (801)
SEARCH for Trust SSL/TLS Enhancement or Alternatives for Realizing CA Homogeneity (SEARCH) for Trust Research by Dartmouth College and New York University Reported by: Scott Rea Sr. PKI Architect, DigiCert
More informationVeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide
VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide The software described in this book is furnished
More informationETSI European CA DAY TRUST SERVICE PROVIDER (TSP) CONFORMITY ASSESSMENT FRAMEWORK. Presented by Nick Pope, ETSI STF 427 Leader
ETSI European CA DAY TRUST SERVICE PROVIDER (TSP) CONFORMITY ASSESSMENT FRAMEWORK Presented by Nick Pope, ETSI STF 427 Leader ETSI 2012 All rights reserved Topics Background ETSI Activities / Link to Mandate
More informationVersion 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM
Version 9 Release 0 IBM i2 Analyst's Notebook Premium Configuration IBM Note Before using this information and the product it supports, read the information in Notices on page 11. This edition applies
More informationAmazon WorkMail. User Guide Version 1.0
Amazon WorkMail User Guide Amazon WorkMail: User Guide Copyright 2017 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection
More informationMission Accomplished? HTTPS Security after DigiNotar
Mission Accomplished? HTTPS Security after DigiNotar Johanna Amann* Oliver Gasser* Quirin Scheitle* Lexi Brent Georg Carle Ralph Holz ICSI / LBL / Corelight Technical University of Munich Technical University
More informationPolycom RealPresence Resource Manager System, Virtual Edition
Getting Started Guide 8.3.0 December 2014 3725-72114-001B Polycom RealPresence Resource Manager System, Virtual Edition Copyright 2014, Polycom, Inc. All rights reserved. No part of this document may be
More informationCertificate Updates for Polycom UC Software 4.0.9
TECHNICAL UPDATE Software 4.0.9 June 2015 3725-49116-003A Certificate Updates for Polycom UC Software 4.0.9 Polycom, Inc. 1 Copyright 2015, Polycom, Inc. All rights reserved. No part of this document may
More informationTv News Matching Memory Games For Seniors Pdf
Tv News Matching Memory Games For Seniors Pdf Tv News Matching Memory Games For Seniors Pdf 2... 2 dns suffix search list 3... 4 lookup windows product key bios 4... 5 wildcard partial domain name 1...
More informationRed Hat Virtualization 4.2
Red Hat Virtualization 4.2 Introduction to the VM Portal Accessing and Using the VM Portal Last Updated: 2018-07-30 Red Hat Virtualization 4.2 Introduction to the VM Portal Accessing and Using the VM
More informationPublic. Atos Trustcenter. Server Certificates + Codesigning Certificates. Version 1.2
Atos Trustcenter Server Certificates + Codesigning Certificates Version 1.2 20.11.2015 Content 1 Introduction... 3 2 The Atos Trustcenter Portfolio... 3 3 TrustedRoot PKI... 4 3.1 TrustedRoot Hierarchy...
More informationSymantec Managed PKI. Integration Guide for AirWatch MDM Solution
Symantec Managed PKI Integration Guide for AirWatch MDM Solution ii Symantec Managed PKI Integration Guide for AirWatch MDM Solution The software described in this book is furnished under a license agreement
More informationIC B01: Internet Security Threat Report: How to Stay Protected
IC B01: Internet Security Threat Report: How to Stay Protected Piero DePaoli Director, Product Marketing IC B01: Internet Security Threat Report: How to Stay Protected 1 Topics 1 Targeted Attacks 2 Spam
More informationSSL Research with Bro
SSL Research with Bro Johanna Amann International Computer Science Institute johanna@icir.org http://www.icir.org/johanna Bro History TRW State Mgmt. Independ. State Host Context Time Machine Enterprise
More informationVersion 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM
Version 9 Release 0 IBM i2 Analyst's Notebook Configuration IBM Note Before using this information and the product it supports, read the information in Notices on page 11. This edition applies to version
More informationOracle Cloud E
Oracle Cloud Known Issues for Oracle Cloud Identity and Access Management 16.3 E68445-07 August 2016 This document describes issues you might encounter when using shared identity management for Oracle
More informationPROVING WHO YOU ARE TLS & THE PKI
PROVING WHO YOU ARE TLS & THE PKI CMSC 414 MAR 29 2018 RECALL OUR PROBLEM WITH DIFFIE-HELLMAN The two communicating parties thought, but did not confirm, that they were talking to one another. Therefore,
More informationPlug-in for VMware vcenter
NETBACKUP 7.6 FEATURE BRIEFING PLUG-IN FOR VMWARE VCENTER NetBackup 7.6 Feature Briefing Plug-in for VMware vcenter Version number: 1.0 Issue date: 2 nd August 2013 This document describes a feature introduced
More informationMoving your website to HTTPS - HSTS, TLS, HPKP, CSP and friends
Moving your website to HTTPS - HSTS, TLS, HPKP, CSP and friends CTDOTNET February 21, 2017 Robert Hurlbut RobertHurlbut.com @RobertHurlbut Robert Hurlbut Software Security Consultant, Architect, and Trainer
More informationOracle Hospitality OPERA Cloud ID Document Scanning Specifications Version February 2018
Oracle Hospitality OPERA Cloud ID Document Scanning Specifications Version 1.0.1 February 2018 Copyright 2016, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation
More informationDROPBOX.COM - PRIVACY POLICY
Dropbox Privacy Policy Last Modified: October 15, 2012 This Privacy Policy provides our policies and procedures for collecting, using, and disclosing your information. Users can access the Dropbox service
More informationProteggereiDatiAziendalion-premises e nel cloud
ProteggereiDatiAziendalion-premises e nel cloud Antonio Forzieri Cyber Security Practice Lead, Global Agenda 1 Symantec Information Centric Encryption Introduction 2 Common business objectives addressed
More informationCLOUD STRIFE. Mitigating the Security Risks of Domain-Validated Certificates
CLOUD STRIFE Mitigating the Security Risks of Domain-Validated Certificates Kevin Borgolte Tobias Fiebig Shuang Hao Christopher Kruegel Giovanni Vigna kevinbo@cs.ucsb.edu t.fiebig@tudelft.nl shao@utdallas.edu
More informationWeb Applications Installation. version
version 2017.1 Disclaimer This document is for informational purposes only and is subject to change without notice. This document and its contents, including the viewpoints, dates and functional content
More informationOnline (in)security: The current threat landscape Nikolaos Tsalis
Online (in)security: The current threat landscape Nikolaos Tsalis November 2015 Online (in)security: The current threat landscape Nikolaos Tsalis (ntsalis@aueb.gr) Information Security & Critical Infrastructure
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.2 Effective
More informationConfiguring the Cisco APIC-EM Settings
Logging into the Cisco APIC-EM, page 1 Quick Tour of the APIC-EM Graphical User Interface (GUI), page 2 Configuring the Prime Infrastructure Settings, page 3 Discovery Credentials, page 4 Security, page
More informationDNS security extensions
DNS security extensions ENOG IV / RIPE NCC Regional Meeting 23 24 October 2012, Moscow Security related RR CERT TLSA, SMIMEA* (DANE) CAA* SSHFP SPF PKIX problems Self-signed certificates (~48% web servers)
More informationGOOGLE ADDS 4 NEW FEATURES TO ITS MY BUSINESS DASHBOARD HTTPS WEBSITES ARE DOMINATING THE FIRST PAGE
1 GOOGLE ADDS 4 NEW FEATURES TO ITS MY BUSINESS DASHBOARD 2 HTTPS WEBSITES ARE DOMINATING THE FIRST PAGE 3 WHY YOU SHOULD BE PAYING MORE ATTENTION TO REVIEWS! 4 BING ROLLS OUT THREE NEW UPDATES FOR ADVERTISERS
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.3 Effective
More informationSymantec ediscovery Platform
Symantec ediscovery Platform Native Viewer (ActiveX) Installation Guide 7.1.5 Symantec ediscovery Platform : Native Viewer (ActiveX) Installation Guide The software described in this book is furnished
More informationKey Management and Distribution
Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationPrivacy Policy. Optimizely, Inc. 1. Information We Collect
Privacy Policy Posted: Nov. 19, 2015; Effective Date: Nov. 19, 2015 Optimizely, Inc. This privacy policy applies to Optimizely s Virtual Experience website owned and/or operated for Optimizely, Inc., currently
More informationDRAFT REVISIONS BR DOMAIN VALIDATION
DRAFT REVISIONS BR 3.2.2.4 DOMAIN VALIDATION (Feb. 15, 2016) Summary of changes The primary purpose of this change is to replace Domain Validation item 7 "Using any other method of confirmation which has
More informationNimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]
Nimsoft Service Desk Single Sign-On Configuration Guide [assign the version number for your book] Legal Notices Copyright 2012, CA. All rights reserved. Warranty The material contained in this document
More informationCan HTTP Strict Transport Security Meaningfully Help Secure the Web? nicolle neulist June 2, 2012 Security B-Sides Detroit
Can HTTP Strict Transport Security Meaningfully Help Secure the Web? nicolle neulist June 2, 2012 Security B-Sides Detroit 1 2 o hai. 3 Why Think About HTTP Strict Transport Security? Roadmap what is HSTS?
More informationSSL Implementation and Website Security Best Practices, Version 01
An ICG Technology White Paper SSL Implementation and Website Security Best Practices, Version 01 Securing Websites via SSL Certificates is No Longer an Option, it s a Necessity and it s Not Enough June
More informationGetting Started with Authoring in Claro
Getting Started with Authoring in Claro dominknow s Claro is a new breed of web- based authoring and publishing software designed for teams. This short guide helps you get started quickly as an author
More informationApplied Open Source Intelligence OSINT. Not Just For Attackers David Mashburn All Rights Reserved
Applied Open Source Intelligence OSINT Not Just For Attackers 2019 David Mashburn All Rights Reserved David Mashburn, @d_mashburn SANS Certified Instructor GSE #157 Security mule Family guy 2 What is OSINT?
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationOracle. Field Service Cloud Using Android and ios Mobile Applications 18B
Oracle Field Service Cloud Using Android and ios Mobile Applications 18B Part Number: E94755-02 Copyright 2018, Oracle and/or its affiliates. All rights reserved Authors: The Field Service Cloud Information
More informationSymantec & Blue Coat Technical Update Webinar 29. Juni 2017
Avantec Blue Coat/Symantec Webinar Jean Marc Edder Senior Systems Engineer The Global Leader in Cyber Network + + Cloud Global market leader in Endpoint, Email, Data Loss Prevention and Website, User Authentication
More informationCertificates, Certification Authorities and Public-Key Infrastructures
(Digital) Certificates Certificates, Certification Authorities and Public-Key Infrastructures We need to be sure that the public key used to encrypt a message indeed belongs to the destination of the message
More informationSymantec Managed PKI. Integration Guide for ActiveSync
Symantec Managed PKI Integration Guide for ActiveSync ii Symantec Managed PKI Symantec Managed PKI Integration Guide for ActiveSync The software described in this book is furnished under a license agreement
More informationLecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.
Lecture 13 Public Key Distribution (certification) 1 PK-based Needham-Schroeder TTP 1. A, B 4. B, A 2. {PKb, B}SKT B}SKs 5. {PK a, A} SKT SKs A 3. [N a, A] PKb 6. [N a, N b ] PKa B 7. [N b ] PKb Here,
More informationSecondary operation windows in SLPs
NETBACKUP 7.6 FEATURE BRIEFING SECONDARY OPERATION WINDOWS IN SLPS NetBackup 7.6 Feature Briefing Secondary operation windows in SLPs Version number: 1.0 Issue date: 2 nd August 2013 This document describes
More informationArchitectural Overview INSIGHT Remote Monitoring Platform
Architectural Overview Remote Monitoring Platform 1950 Excel Drive Mankato, MN 56001 U.S.A. 1-800-635-4269 www.winland.com Summary Summary The platform provides remote environmental monitoring, data logging,
More informationSoftware Management Nuts and Bolts
Software Management Nuts and Bolts Joel Smith & Rene Kolga Sr. Principal Support Engineer Sr. Product Manager 1 Presentation Agenda 1 Introduction 2 Managing the Software Catalog 3 Rules, Detection and
More informationPhishing Attacks. Mendel Rosenblum. CS142 Lecture Notes - Phishing Attack
Phishing Attacks Mendel Rosenblum Phishing Basic idea: Get unsuspecting users to visit an evil Web site Convince them that the evil Web site is actually a legitimate site (such as a bank or PayPal) Trick
More information