New standard for SSL certificates released

New standard for SSL certificates released

After some companies had troubles with cyber security relating to SSL certificates in 2011, certificate authorities and software vendors decided to take on the issue and create the first industry standard for issuance and management of SSL certificates. This should help improve the amount of data security at each eCommerce company that uses these certificates.

"SSL/TLS certificates are a critical part of the internet's security infrastructure, combining proven technical standards with the capability to scale to handle millions of websites and the wide array of user software," said Tim Moses, chairman of the CA/Browser Forum. "The new baseline requirements will improve the reliability and accountability of SSL/TLS issuance for relying parties by establishing baseline standards for all types of SSL/TLS certificates from all publicly-trusted CAs."

The group said the new guidance draws upon best practices across the SSL sector to provide good information on subjects like security, revocation mechanisms, use of algorithms and liability, among other things.

Eddy Nigg of StartCom CA said this is the first time there will be a consistent international standard for the SSL certificates industry. These new requirements will go into effect July 1.