Symantec to Stop Issuing DV SSL/TLS Certificates to .PW Domains
Recently, Symantec updated its certificate issuance controls to pay special attention to domains flagged for excessive abuse, malwa…
Twitter Card Style:
While doing an online search for “SSL Certificates” and one of the ads said “$4.99, Why Pay More?” Without clicking on the ad I know what they are going to offer me; a simple domain validated (DV) SSL certificate. This certificate will encrypt my site’s traffic at a basic level but this isn’t 1997; the business climate and threat landscape have changed and so have our requirements for security. SSL is more than encryption. We have to consider trust, security, service, certificate management & reliability. While many Certification Authorities are cutting corners to compete with each other on price, Symantec is working around the clock to continually deliver best-in-class solutions. At Symantec we believe in these core factors as does 91% of the fortune 500 and 94 of the top 100 financial institutions in the world. Here’s why:
1. Increased End-Consumer Trust
- Trust Seal — Trust seals suggest that websites are safe to interact with. The Norton Secured Seal has been shown through independent research to be the most recognized trust seal on the Internet. Offered only by Symantec, it is seen about 4 billion times per month on websites all around the world. The seal ensures visitors that they are communicating with organizations that not only encrypt their traffic but also are legitimate organizations that have gone through Symantec’s strong authentication screening as well.
- Visual Cue — The “Green Bar” also represent that a site is trustworthy. With Symantec EV Certificates, browsers will change the color of the address bar to green, serving as a cue for safe interaction. DV certificates won’t provide for a visual cue to website visitors
2. Stronger Business Authentication and Website Security
- Authentication — With every Symantec certificate, Symantec performs strong authentication to ensure that a website visitor can trust who they are communicating with. Security-minded organizations realize that encryption alone is not enough and require, as a matter of policy, that all certificates issued for their organization have strong authentication. On the other hand, domain validated certificates, like those that Let’s Encrypt intends to offer, will only provide encryption of data. Thus, they will not prevent a credit card number or password from going to an encrypted website that may be fraudulent.
- Scanning and Alerts — Symantec products also secure customer websites with scanning for critical vulnerabilities and active malware. Symantec proactively notifies customers about security risks within a customer’s unique environment and provides guidance to ensure that such issues are quickly and easily resolved.
3. Simplified Certificate Management and Live Worldwide Support
- Management Tools — Symantec enables customers to track and manage large volumes of certificates with a wide range of tools. Organizations are often burdened with the complexity of managing a variety of SSL certificates that may include of self-signed, client certificates or SSL certificates that chain up to public roots.
- Accessible Technical Support — Symantec provides 24/7/365 support worldwide to ensure that customers’ sites stay up and running and secure, with an optional premium support that include SLA’s on problem escalation and resolution. This is a critical component for organizations that need to ensure that their website operations remain. A free offering like Let’s Encrypt rarely comes with any form of live support.
4. Powerful Technical Capabilities and Advanced Options
- Client Ubiquity — As the longest operating Certification Authority, Symantec’s roots are in more clients than any other Certification Authority. Organizations that want to support Always on SSL and connectivity with the greatest number of users choose Symantec to secure their transactions.
- Advanced Certificate Options — Symantec Secure Site Pro products include both RSA 2048 bit certificates and ECC 256 bit certificates which are optimal within Perfect Forward Secrecy. These high security, high performance certificates are the future of SSL/TLS encryption and Symantec’s ECC roots are in more clients than any other Certification Authority.
- Best in Class Revocation — Symantec provides revocation information to clients through both the Online Certificate Status Protocol (OCSP) and Certificate Revocation Lists (CRLs). Both of these services are updated continually to communicate certificate revocation activity to clients worldwide. The services are tuned to provide the fastest response times possible. In the case of websites, OCSP response times can impact page load times and Symantec has invested in its infrastructure to provide OCSP responses in about 50 milliseconds for almost every major region in the world.
5. Reliable Security and Business Assurances
- Warranties — Symantec offers the highest warranties of any Certification Authority. These warranties can cover customers for losses of up to $1,750,000 from incorrect information contained on Symantec certificates.
- Military-Grade Data Centers — Symantec’s roots and signing services are protected by the most stringent physical, network, and logical security and process controls. The hardened facilities provide our customers with confidence that certificate issuance for their domains will not be compromised. With ten years of continuous uptime, Symantec’s robust continuity practices are the best in the industry.
- Contractual Commitments — Symantec customers have a contractual commitment from Symantec to maintain their products for the term of their contract. Let’s Encrypt, as a non-profit, open-source Certification Authority, it will be difficult to offer such contractual guarantees, given the significant expenses associated with operating a publicly audited Certification Authority.
- Focused investment – As the world’s largest security company, Symantec has both the resources and the motivation to ensure that the our SSL products are uncompromised. Vulnerabilities like Heartbleed have clearly demonstrated that, despite the good intentions of OpenSSL, a non-profit organization with limited resources will be challenged to keep up with the rapidly-changing security threat landscape.
Modern Security for Modern Needs
Companies that know security understand they need to use modern-day security solutions in today’s environment and that SSL is more than just simple encryption.Please keep all of these factors in mind as you are building out your webserver security plans.For more information on Symantec SSL, please visit our website.
Compared to Windows users, Mac users have been relatively unaffected by malware attacks. Cybercrooks, however, are just as aware as antivirus vendors are about Mac vulnerabilities. With the growing number of Mac users, cybercrooks see more potential for malicious activities, especially as Mac users tend to have a false sense of security and not usesecurity software. You […]
Symantec recently received information on a new Java zero-day, Oracle Java Runtime Environment CVE-2013-1493 Remote Code Execution Vulnerability (CVE-2013-1493). The final payload in the attack consisted of a DLL file, detected by Symantec as Tro…