Últimas notícias

Fique informado

How to manage your TLS certificates under Google’s new rules? Hear

11/09/2020

Spotlight

A sanção da Lei 14.063 de 2020, segundo agência Senado.

A nova lei cria dois novos tipos de assinatura eletrônica em comunicações com entes públicos e em questões de saúde: simples e avançada.

25/09/2020

Lei Geral de Proteção de Dados Brasileira – LGPD começa a valer

Começa a valer nesta sexta 18 de setembro de 2020 conforme o texto aprovado pelo Senado .

18/09/2020

Como gerenciar Identidades Digitais em empresas públicas e privadas? Ouça

Sobre como gerenciar eIDs, conversamos com Luís Correia – Business Development da AET EUROPE, empresa global na área de soluções de segurança digital.

02/09/2020

O pequeno herói e sua conexão com a tecnologia para acesso ilimitado e seguro

Neste ebook apresentamos a história do pequeno herói neerlandês e sua conexão com a tecnologia do SafeSign e todo o ecossistema de soluções da AET – Unlimited access to your world.

18/08/2020

A AET Europe, líder global na área de soluções de segurança digital, chega ao Brasil. Ouça

Empresa holandesa A.E.T Europe BV (AET) reconhece o País como mercado estratégico e inicia sua operação local da AET do Brasil.

15/04/2020

From September 1st 2020, major web browsers will block TLS certificates that have a validity period of longer than 398 days

By Colin van den Heuvel

Colin van den Heuvel – Business Consultant

If you use TLS certificates on your website(s), as most organisations do, this could have a significant impact for you. Managing them will become much more complex and if you lose control of them there’s a risk that browsers will block your website and show it as unsafe.

What are the recent changes?

Google and Mozilla have followed Apple’s lead in limiting the validity period of TLS certificates to 398 days. From September 1st 2020, browsers including Chrome, Safari and Mozilla, will allow a maximum lifetime for these certificates of approximately 13 months – certificates with longer lifespans will be blocked.

What are the pros and cons?

Browser owners say it will help to limit exposure to compromise by only allowing certificates with a shorter validity period. It will also allow more agility in responding to major incidents and upgrading to more secure technology and will enable the use of recent data in certificates.

Certificate authorities are less positive about the change, however. Last year, Google filed a proposal for this limitation during the CA/Browser Forum, where major browser parties and certificate authorities discuss such topics. Back then, most of the certificate authorities voted against the proposal as they’re concerned it will increase the amount of work and complexity involved in managing their certificates.

Despite this, Apple decided to implement the measure within Safari at the beginning of this year to protect its users against the potential fraudulent use of certificates. And now Google and Mozilla have followed suit.

What are TLS certificates?

TLS stands for Transport Layer Security and is a cryptographic protocol that enables secure communications over networks. It’s the technology that ensures your internet connection is safe and prevents data being compromised by hackers.

Websites use TLS certificates to show they’re secure. When a browser tries to connect to a website with a TLS certificate, it asks the webserver to identify itself. The browser then checks that the certificate is valid and, if it is, the webserver initiates the secure connection.

What does this mean for me?

If your organisation uses TLS certificates that don’t comply with the browsers’ new maximum validity requirement of 398 days, your certificates will be blocked. This may mean that visitors to your website will get warning or they won’t be able to reach your website at all.

This can have significant negative consequences in terms of reducing your sales or enquiries, and damaging trust in your brand. It means you’ll need to monitor and manage your TLS certificates stringently to prevent them expiring without your knowledge and then being blocked.

Alongside this, a variety of risks may arise when managing certificates with shorter lifespans:

• The processes involved may take too long, due to their complexity, to respond adequately to expiring certificates.

• To keep pace with the work required, there’s a danger of rushing processes and not executing them properly.

• Administrators may be tempted to circumvent these processes altogether and, out of time pressure, turn to less secure self-signed certificates.

How to manage TLS certificates effectively

To mitigate these risks and ensure your TLS certificates comply with browsers’ requirements, you’ll need to ensure robust certificate management using well-defined processes, skilled personnel and supporting technology.

This will not only prevent your websites from being blocked, it will show visitors to your website that you comply with strict security standards and can be trusted.

“By 2020, we expect that companies that are digitally trustworthy will generate 20% more online profit than those that aren’t.” – Gartner.

It will be crucial to follow these steps:

1. Create well-defined procedures and processes. Clear guidance on how to register, validate, issue, revoke and renew certificates will help your administrators and certificate operators to manage their digital certificates. So they can stay in control of them throughout their lifecycle.

2. Recruit and educate. You’ll need the right people in place to ensure your certificates can be managed properly. You’ll also need to educate and train them, so they understand the principles of digital certificates and the various processes involved in managing them.

3. Use a certificate management system. This will ensure your people have just one application where they can manage digital certificates effectively and securely. It will notify them about certificates that are due to expire and will enable them to easily create reports and find other certificates in your infrastructure.

We’re here to help

Our certificate management solution, BlueX eID Management, is built on decades of PKI experience and will help you take full control of your TLS certificates and other digital certificates.

Source: AET Europe News

Como gerenciar Identidades Digitais em empresas públicas e privadas?

Como gerenciar seus certificados TLS sob as novas regras do Google? Ouça

Safe handling of digital identities: 5 key questions.

Content Syndication

Content Syndication – the content distribution is a method of republishing content developed by your company on other websites to reach a wider audience and bring new visitors to your site. Contact us about Content Syndication, contato@cryptoid.com.br | +55 11 3881 0019.

Surprise yourself with the quality of our audience! Media Kit.

TLS E SSL