Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions

Why we don't just make domain authenticated SSL Certificates invalid

Created: 15 Sep 2006 • Updated: 18 Dec 2012 • 2 comments
Tim Callan's picture
0 0 Votes
Login to vote

In response to one of my postings on High Assurance SSL, I recently received this (slightly paraphrased) question:

Why not make domain authentication SSL Certificates invalid?

Comments 2 CommentsJump to latest comment

Charter's picture

Surely if the browsers can set a new standard for high assurance ssl, they can set one for ALL of ssl!

Login to vote
Tim Callan's picture

Certainly that is within their ability, but as I stated, they have never shown any particular interest in doing so. VeriSign has always maintained the industry's highest standards of authentication, physical and network security, and process reliability. We always have tried to be an example to the CA community for how these things are done and have encouraged the full CA community to increase their procedures and practices. We welcome the involvement of anyone else - browser manufacturer or otherwise - who wants to put pressure on CAs to keep their standards high.

Login to vote