We now support the ACME protocol, Mozilla enables HTTPS-only mode, and much more.
|
|
|
SSL.com Supports the ACME Protocol
SSL.com now offers the popular ACME protocol to all customers for SSL/TLS certificate automation.
Automated Certificate Management Environment (ACME) is a standard protocol for automating domain validation, installation, and management of X.509 certificates. The ACME protocol was designed by the Internet Security Research Group and is described in IETF RFC 8555. As a well-documented, open standard with many available client implementations, ACME is being widely adopted as an enterprise certificate automation solution.
With SSL.com’s implementation of ACME, all of our customers can now take advantage of this popular protocol to easily automate SSL/TLS website certificate issuance and renewal.
|
|
|
Congress Approves IoT Cybersecurity Bill
Passed by the U.S. Congress on November 17, 2020 and heading to the White House for the President’s signature, the Internet of Things Cybersecurity Improvement Act “requires the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) to take specified steps to increase cybersecurity for Internet of Things (IoT) devices.”
Given the many recent security issues with “smart” devices and their rapid proliferation in the marketplace, we’re glad to see the U.S. Congress taking a step in the right direction to establish IoT security standards and best practices for the federal government.
HTTPS-Only Mode Offered in Firefox 83
Mozilla’s Firefox 83, released on November 17, offers users an HTTPS-Only Mode. By enabling it, the browser will automatically seek out HTTPS connections and ask for permission before proceeding to a site that does not support secure connections. As Mozilla’s blog post reminds us, the regular HTTP protocol is viewable by those looking to steal or tamper with data. HTTP over TLS, or HTTPS, fixes that by creating an encrypted connection between your browser and the website you are visiting, which would-be attackers cannot read.
We think every website should be HTTPS-only. Until that time, HTTPS-only mode is an easy way for Firefox users to make sure that they are using HTTPS whenever possible.
Apple's Handling of OCSP Requests Raises Privacy Concerns
This month, a couple of folks sounded the alarm about Big Sur after server problems revealed Apple is tracking, and revealing, a heck of a lot about its users when checking signed application code. Essentially, the certificate-checking code was sending out a developer’s “digital fingerprint” via plain text HTTP whenever an application was launched. What does that mean? Thomas Claburn of The Register puts it succinctly enough: “Apple as well as anyone eavesdropping on the network path can at least link you by your public IP address to the kinds of application you use.”
In the process of attempting to protect its own users from malware, Apple may have excessively compromised their privacy. We think that the software you run and what your computer connects to should be your own business, and hope Apple will take effective steps to return this control to users.
|
|
|
SSL.com is working hard to improve our products and services. We'd like to hear from you to help guide us in our journey to produce the best security and identity solutions for your business.
|
|
|
SSL.com provides a wide range of clients with state-of-the-art digital certificates and 24/7 personal support. For our customers who need a large number of certificates (and would like to take advantage of wholesale pricing with discounts of up to 65%), we are happy to suggest the SSL.com Reseller and Volume Purchasing program. See more videos like this on SSL.com's YouTube channel. |
|
|
Looking for trusted encryption and protection? Time for an upgrade? SSL.com has you covered.
|
|
|
CA/B Forum Ballot SC12: Sunset of Underscores in dNSNames (approved November, 2018) outlined a process for phasing out the use of underscore characters (_) in domain names covered by digital certificates. Ballot SC12’s rule changes follow RFC 1035, which specifies the characters which may be used in DNS domain names:
|
|
The Internet of Things (IoT) is growing exponentially, with some reports predicting it reaching over 38 billion devices in 2020. With more and more stories emerging of hacked devices coming out, the need to secure the Internet of Things is becoming more urgent, more so for medical device manufacturers with HIPAA in mind.
|
|
SSL.com provides a wide range of clients with state-of-the-art digital certificates and 24/7 personal support. For our customers who need a large number of certificates (and would like to take advantage of wholesale pricing with discounts of up to 65%), we are happy to suggest the SSL.com Reseller and Volume Purchasing program.
|
|
|
|
Copyright © 2020 SSL.com, All rights reserved.
You are receiving this email because you agreed to receive emails while ordering an SSL certificate.
Our mailing address is:
Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.
![Email Marketing Powered by Mailchimp]( "Mailchimp Email Marketing")
|
|
|
|
|
![]()
|
