DigiCert Blog

All posts under: 101

  1. Biometric Authentication: An Added Layer of Security or Security Risk?

    Do you remember the first time you were awed by the biometric authentication used to verify someone’s identity in a movie? Perhaps you watched a character use voice recognition to board a Pan Am space plane in 2001: A Space Odyssey; perhaps you watched Tiffany Case use a fingerprint scanner to authenticate her guests in…


  2. Uploading Documents Is Safer than Email

    Regardless of the type of SSL Certificate (OV or EV) an organization is purchasing, DigiCert can perform the validation process using our own resources and without up-front documentation from the organization most of the time. Occasionally, however, DigiCert needs some extra documentation to hasten the validation process. At these times, we will request specific documentation…


  3. SLOTH Attacks and the Risks Involved

    Researchers Karthikeyan Bhargavan and Gaetan Leurent have found that the use of weak hash functions in various cryptographic constructions within mainstream protocols has been justified by practitioners under the notion that their use of these protocols relies only on second preimage resistance; therefore, they are unaffected by collision attacks. These weak hash functions center on…


  4. Safety in a Good Password

    Max Nisen with Business Insider has pointed out that frankly, our society has become “Internet obsessed.” The Internet has become a necessary resource in the workplace and in education. People who use the Internet just for leisure can log up to 100 minutes a day, and that rapidly growing number excludes the minutes spent on…


  5. STRIPTLS Attacks and Email Security

    Major email providers such as Google, Yahoo, and Outlook encrypt and authenticate their emails. However, not all businesses are quick to follow these best practices. Many email organizations use SMTP (Simple Mail Transfer Protocol) the Internet standard for email transmission. Unfortunately, SMTP was not built with encryption or authentication in mind and SMTP email security…