Presentation is loading. Please wait.

Presentation is loading. Please wait.

High Assurance / Enhanced Validation Name of Presenter: Kevin Brown Date: August 5th Confidential.

Published byBertram Doyle Modified over 9 years ago

Similar presentations

Presentation on theme: "High Assurance / Enhanced Validation Name of Presenter: Kevin Brown Date: August 5th Confidential."— Presentation transcript:

1 High Assurance / Enhanced Validation Name of Presenter: Kevin Brown Date: August 5th Confidential

2 How Safe Is The Internet ? SSL Phishing Attack targets Mountain America Credit Union 450 SSL Phishing Attacks were reported in 2005 18,480 Phishing incidents were reported in March 2006 alone. SOURCE: Washington Post, Anti-Phishing Workgroup, January 2006

3 Where is the Trustworthiness on the Internet ? The Certificate Practice Statement (CPS) from one Certificate Authority (CA) to another can differ A CA can issue a certificate as long as they follow the policies in their CPS There is no industry standard amongst CAs No means for online users to identify the type of SSL Cert issued

4 Where to from here? thawte is involved with the CA Browser Forum, comprised of: –American Bar Association –Information Security Committee –Browser manufacturers –Certificate Authorities The purpose of which is to define industry standard online identity assurance processes.

5 What is High Assurance (HA) ? –Delivering an industry standard for Identity Assurance –Modifying existing online identity assurance processes –Improved browser representation of online identities

6 How is HA different from the current Verification and Authentication process for High Auth certs? The process is intended to be more comprehensive and standardized across the entire industry. The new standards/processes will have to be adhered to by all CAs who wish to offer HA Certs. This will encourage greater confidence in CAs and in the processes that are used to vet and issue digital certificates.

7 7 High Assurance is a Driver for SSL Growth Green URL shows up for high assurance certs Name of Organization that cert is issued to CA that performed the “high assurance” authentication High Assurance Low Assurance / Domain Validated No Green URL No Organization name or CA included in UI High Assurance Certificates will increase brand preference and drive increased SSL adoption Current beta version subject to change

8 8 Other Browsers have already made Usability enhancements (Opera, NetScape and FireFox) Opera Firefox Netscape

9 Green URL BarCert Org Name and Country

10 Identified by CERTIFICATE AUTHORITY

11 Security Report (single click)CAOrg, L, State, C

12

13

14 Certificate Policy OID

15 Intermediate “HA” CA

16 thawte cert – no green bar, no Org

17 Shared Hosting / cert domain mismatch

18 Continue? Red URL Bar

19 it’s a trust thing As the CA of choice for hundreds of thousands we enable trust on the Internet An industry standard for SSL certificates will: –enable companies to earn the trust of their users and customers –instill confidence in people –enable a trustworthy Internet HA will give credence to what we do

20 Thank You – Q&A Confidential

Download ppt "High Assurance / Enhanced Validation Name of Presenter: Kevin Brown Date: August 5th Confidential."

Similar presentations

High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.

High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.
Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)

Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates.

1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.

SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
The Inconvenient Truth about Web Certificates Nevena Vratonjic Julien Freudiger Vincent Bindschaedler Jean-Pierre Hubaux June 2011, WEIS’11.

The Inconvenient Truth about Web Certificates Nevena Vratonjic Julien Freudiger Vincent Bindschaedler Jean-Pierre Hubaux June 2011, WEIS’11.
1. The VeriSign brand2. Extended Validation SSL www.secure128.com.

1. The VeriSign brand2. Extended Validation SSL
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.

TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.

9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
Public Key Infrastructure Ammar Hasayen 2013. ….

Public Key Infrastructure Ammar Hasayen ….

Similar presentations

Ads by Google