DigiCert Blog

All posts under: Best Practices

  1. Safety in a Good Password

    Max Nisen with Business Insider has pointed out that frankly, our society has become “Internet obsessed.” The Internet has become a necessary resource in the workplace and in education. People who use the Internet just for leisure can log up to 100 minutes a day, and that rapidly growing number excludes the minutes spent on…


  2. Making the Most of Vulnerability Scanners

    While it’s definitely no easy task, regular vulnerability checks are an essential component of any healthy network. The narrow amount of time it takes for hackers to find and exploit vulnerabilities makes these checks crucial in data protection. Likewise, the ever-changing climate of Internet security demands that admins frequently check for vulnerabilities in order to…


  3. STRIPTLS Attacks and Email Security

    Major email providers such as Google, Yahoo, and Outlook encrypt and authenticate their emails. However, not all businesses are quick to follow these best practices. Many email organizations use SMTP (Simple Mail Transfer Protocol) the Internet standard for email transmission. Unfortunately, SMTP was not built with encryption or authentication in mind and SMTP email security…


  4. How Short-Lived Certificates Improve Certificate Trust

    Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) are important technologies that—with ongoing work to improve their operations—can continue to provide a foundation for online trust. However, recent efforts within the CA/Browser Forum and Mozilla’s decision to support “short-lived” certificates in future versions of Firefox have shined the spotlight on an innovation that…


  5. OpenSSL Patches Two Security Vulnerabilities

    This morning, OpenSSL released two security patches—versions 1.0.2f and 1.0.1r—for two new security vulnerabilities: one rated as “high” severity and one rated as “low” severity. The “high” severity vulnerability affects the 1.0.2 release. The “low” severity vulnerability affects all releases—1.0.2 and 1.0.1. Neither of these bugs affect SSL Certificates; no actions related to SSL Certificate…