is the first Certificate Authority to enable compatibility with Google's Certificate Transparency initiative.
Last month, we announced our plans to and committed to offer customers the option of adding certificates to Certificate Transparencylogs by the end of October. Today, we are pleased to announce that we met this goal.
The CAplatform can now issue certificates that are logged in Google’s Certificate Transparency public log servers. During theinitial phase of Certificate Transparencyimplementation, registration with a Certificate Transparencylog is optional.
Customers whowish to enable Certificate Transparencysupport for their certificates can do so by contacting our24 hour team, the process of enabling Certificate Transparency for SSL takes just a few minutes. By opting in, customers can test and prepare their environments prior to when Certificate Transparencybecomes mandatory for publicly trusted certificates in Chrome.
Once Chrome requires Certificate Transparencyfor all certificates, itwill be enabled by default for all customers. Certificate Transparencyis important for several reasons which is why has made considerable efforts to be the first CA with Certificate Transparency compliance.
Because Certificate Transparencyrequires that certificates be added to a public log, it provides an early detection system by which rogue, mis-issued or other problem certificates can be identified and mitigated quickly. This could include detecting interference by third-parties such as nation states within the certificate ecosystem.
Certificate Transparencymay very well even discourage would-be attackers.
For customers opting in to Certificate Transparency, will send a pre-certificate sent to a log server that keeps track of the certificate contents. The log server returns a “signed certificate timestamp” (SCT) that can either be embedded in the official certificate or provided by other means.
The SCT serves as a pointer to where that certificate was registered in the log, providing insight on what the CA issues. In essence, CT shines a light on CA practices and permits monitoring of deployed certificate resources, which is essential in detecting and mitigating SSL/TLS threats.
At , trust and security are the fundamental building blocks of our business and trust on the Internet. That’s why we have invested a considerable amount of time and resources into the CA/Browser Forum, IETF, and other industry standards groups that are working to create better security practices and higher standards online safety.
is also involved in ongoing efforts with independent groups, like the Online Trust Alliance,focused on educating everyone on SSL and the benefits it provides. Our wide range of online tools are designed to simplify deployment of SSL, making best security practices easy to implement.
We applaud Google for its forward-thinking work with Certificate Transparencyand pledge our continued support of scalable and practical enhancements to online security. We hope that by embracing Certificate Transparencyearly, we can help encourage others to do likewise and move Certificate Transparencycloser to widespread adoption.
You can learn moremore information about and our efforts to on the site.