Techly NewsGet the app

Get the latest tech news

HTTPS Certificate Industry Adopts New Security Requirements


The Certification Authority/Browser Forum "is a cross-industry group that works together to develop minimum requirements for TLS certificates," writes Google's Security blog. And earlier this month two proposals from Google's forward-looking roadmap "became required practices in the CA/Browser Foru...

Despite the existing domain control validation requirements defined by the CA/Browser Forum, peer-reviewed research authored by the Center for Information Technology Policy of Princeton University and others highlighted the risk of Border Gateway Protocol (BGP) attacks and prefix-hijacking resulting in fraudulently issued certificates. Linting also improves interoperability, according to the blog post, and helps reduce the risk of non-compliance with standards that can result in certificates being "mis-issued". And coming up, weak domain control validation methods (currently permitted by the CA/Browser Forum TLS Baseline Requirements) will be prohibited beginning July 15, 2025.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of HTTPS

HTTPS

Related news:

News photo

Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

News photo

Caddy – The Ultimate Server with Automatic HTTPS

News photo

How to Make HTTPS Verifiable

« Station: Travel Through the Four Seasons (1994)
Best microSD Express cards for Nintendo Switch 2: get more room for your games »