Which SSL Reviews

SSL Certificates

Certificate Transparency on SSL Certificates

October 30, 2015 | By Editor 

The SSL poised padlock stands a proven assurance of virtual security for the online geeks – but things are not the same in all cases with yet flaws veiled unseen – off the padlock.

The flaws pulls off the roots of security and weakens the encryption thereby compromising the SSL process that involves end-to-end encryption and domain validation. The security flaws welcome wide range of website spoofing, man in the middle attacks and server impersonation and so the reason Google calls out to imply transparency for SSL Certificates.

What is Certificate Transparency 

Certificate Transparency is a platform taken its form to assist domain owners to recognize the SSL certificates that has been issued to secure their domains. The framework is a ground to help domain owners surveil the use of certificates, substantiate if the internal policies are in place and are followed by the server operators. The CT helps to validate if the Certificate Authorities properly authorize the certificates issued for their domain.

The CT layered structure stashes monitors, certificate logs and auditors. Each of which is interlinked to underpin the SSL Certificate system with proven records of the certificate issuance.

How does Certificate transparency work against security flaws?

Transparency is not just a solution to defy the security flaws amongst the cert system.

It is certainly not going to solve the trust issues all by itself in place. It shares a good deal of guidance to identify the mis-issuance of certificate much in an ideal way.

Robin Alden, Chief Technical Officer for Comodo shared his opinion on Certificate Transparency that can detect SSL Certificates from the shenanigans and can be caught red handed if the certificates are issued accidentally or if the authorities abuse the issuance deliberately. He also said that CTs will nourish the security level in the virtual space as the security flaws are identified instantly mitigating the risk factors involved through such loop holes.

With a proper audit regime in place integrating with Certificate transparency will certainly strengthen and establish a great level of trust on the Certificate Authorities who are in-charge of the cert issuance to eliminate the after effect of such malicious CAs and hence the security breaches.

Certificate Transparency reduces the security flaw risks

Certificate Transparency will definitely address the CA related issues but remember the coin has other side to it as well – if the hackers sneak in through the certs then the security stands unpredictable.

Transparency is definite to reduce the risk factors incurred through CAs but it does not survive a space to eliminate the security risks.

Be part of an IT community with thousands of subscribers. Get the latest news, blogs, and thought leadership articles. Subscribe now
Email *

Posted in SSL Certificates

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory