1. Symantec/
  2. Certificate Transperancy
Symantec is the first to automate Certificate Transparency, but we’re not stopping there.

Symantec Expands Support for Certificate Transparency

Symantec is pleased to extend support for Certificate Transparency (CT) for our Organization Validation (OV) products, a key certificate management capability for all SSL/TLS certificate types and customer channels. This is just the next step in empowering organizations with the ability to detect and mitigate security concerns for domains they own.

By enabling this key certificate management capability, organizations will get a comprehensive view of what active certificates exist for each of their domains. Such transparency lets them effectively manage all active certificates and quickly respond to threats.

Today, Symantec is one of the few Certificate Authorities to operate its own Certificate Transparency log server and will soon have a second one available. To encourage Certificate Transparency and offer a cost-effective option to the CA ecosystem, Symantec now allows third party Certification Authorities to log their certificates on its servers as well.

While Symantec is strongly advocating for CT, strong certificate management comes in three parts: Prevention, Detection, and Response. All Symantec SSL/TLS certificates come with the following:

Prevention

Customers have the ability to specify and control which Certification Authorities are permitted to issue certificates for their domains through the industry-recognized Certification Authority Authorization CAA specification.

Symantec introduced support for CAA across all products in mid-2015 and is championing making this an industry requirement for all Certification Authorities.

Detection

Certification Authorities are increasingly recording certificates to public Certificate Transparency log servers which allow customers to monitor what certificates have been issued for their domains.

Symantec is extending its support for Certificate Transparency to all of its certificates by default and is championing making this an industry requirement for all Certification Authorities.

Platform Extended Validation Certificates Organization Validation Certificates Domain Validation Certificates
Symantec Complete Website Security & Managed PKI for SSL Available Available Not Applicable
Symantec Trust Center Available Available Not Applicable
Thawte Certificate Center Available Available Available
GeoTrust Security Center Available Available Available
Rapid SSL Not Applicable Not Applicable Available
Symantec Japan SSL Available Available Available

Response

Customers can revoke problem certificates and have that information published immediately through the industry standard Online Certificate Status Protocol (OCSP).

Symantec offers global, high performance OCSP services, processing on average 13 Billion certificate checks every day. In Fall-2015, Symantec expanded its OCSP service to include IPv6 support.

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube