Expert Advice
                                                                          Issy-les-Moulineaux, 24th of March 2011



  How to choose your SSL certificates for an effective protection of
                        your web sites?

Over the last few days, hacking has affected several extremely popular web sites. As a consequence
of this cyber-attack, fraudulent SSL certificates were issued.

This identity fraud against the web sites led to phishing: Internet users who thought that they
were browsing an official web site were in fact redirected to a web site belonging to
pirates. The risks these users faced include theft of their digital identity or of confidential
data such as banking information.

How could those attacks happen? What are the consequences? And how can they be avoided?
Some first answers from Patrick Duboys, in charge of the SSL business at Keynectis.

Let’s first look at what an SSL certificate is:

It is a digital certificate for a web server that hosts web pages. It can be seen as the equivalent of a « digital
passport ». It establishes the link between web pages (a domain name or a URL) and their owner (an
organization or an individual). It authenticates the server and secures the digital transactions between the
server and the people who connect to it over the Internet.

So what does an SSL certificate enable?

   -   It establishes trust by authenticating the web site and by encrypting all the
       information (private, confidential and banking information) that passes between the web site and the
       person using it.
   -   It guarantees the identity of the web site in order to prevent pirates from stealing it and then stealing
       from Internet users.


Why was this attack possible, and what are the consequences?
An attack allowed pirates to authenticate themselves as an authority that had been granted the right to issue
certificates. Some browsers do not check the CRL*, nor do they use OCSP*. The forged certificates
have been used widely over the Internet.
Nine certificates were issued, including 8 very popular ones. This made phishing possible:
Internet users going to what they thought were legitimate web sites may have had their identity or personal
data stolen.

There is a simple solution to protect ourselves against such attacks: SSL Extended Validation
certificates.

SSL certificates are the most effective way to avoid such situations. But be aware that on the market there
are two types:
    - The « standard » SSL certificates
    - And the SSL Extended Validation (EV) certificates

These types of certificates are today one of the only real protections against phishing
available on the market. They were created as a direct answer to the increase in fraud on the
Internet, in order to build up the confidence of consumers doing on-line transactions.

The SSL Extended Validation standard improves the visual cues displayed by highly secured web
browsers. SSL EV certificates are the only ones to display the name of the organization in a green address
bar.

The issuance of EV SSL certificates is subject to even more thorough verification, such as complex
procedures and regular audits of processes. These requirements allow certificates to be delivered with
the highest level of security.


* OCSP (Online Certificate Status Protocol): This is an Internet protocol used to check the validity of an X.509
digital certificate.

* CRL (Certificate Revocation List): This is the list of the certificates that have been revoked and that are therefore
no longer valid or trustworthy.


For further insight or expertise on this subject, please contact OXYGEN in order to be put in contact
with Patrick Duboys, who is in charge of the SSL Business at Keynectis.


About Keynectis:
KEYNECTIS is a software and SaaS provider, fully focused on Information Security Technologies. Pioneer of Cloud
Computing, with more than 12 years of experience, KEYNECTIS proposes a wide offer ensuring secured digital
identity management as well as digital documents and transactions security for government bodies, financial
institutions, and corporates worldwide.
With more than 20 million digital identities protected and 450 million digital transactions secured every year,
KEYNECTIS is a European leader on Information Security Technologies.
Learn more at www.keynectis.com


Media contact
OXYGEN
Tatiana Graffeuil / Estelle Deswarte
+33 1 41 11 37 89
tgraffeuil@oxygen-rp.com

Keynectis contact
Caroline Drobinski
+33 1 55 64 22 85
caroline.drobinski@keynectis.com
