April 2018 – Certificate Transparency will be mandatory
May 2018 – GDPR Enforcement goes live
July 2018 – Browser Security Changes (Chrome 68)
August 2018 – Domain Validation Standards Upgrade (CA/B Forum)
October 2018 – The end of trust for all Symantec SSL certificates
Check your SSL Certificates now
Many high-profile UK sites are still using Symantec SSL Certificates just days before Google begins the process of dropping support for them with the next and upcoming releases of its Chrome browser.
Google’s pending repudiation of Symantec SSL Certificates will occur across two effective dates in April and October.
Symantec certificates issued prior to 1 June 2016 will stop working with the Chrome 66 (stable) release* on 17 April 2018. The Chrome 70 release, expected in the week of 23 October 2018, will spell the end of trust for all Symantec-issued certificates.
Google announced last September that it would “reduce, and ultimately remove, trust in Symantec’s infrastructure in order to uphold users’ security and privacy when browsing the web”, after its Chrome team lost “confidence in the trustworthiness of Symantec’s infrastructure”, following a series of alleged lapses in best practice.
Clearly, this major set-back to CA Trust needs to be addressed swiftly and effectively. That is why from April 2018 every member of the CA/Browser Forum will be implementing a series of new measures designed to improve Organisation Vetting, Domain Validation and Certificate Installation practices. Certificate Transparency, Browser Security changes and new DV standards all come into play through April to August.
This is what we recommend you do to ensure that you stay up-to-date with the changes, and keep your sites secure and compliant with data protection regulations.
Evidence points to the risk of phishing and MiTM attacks being prevented by increased implementation and awareness of TRUSTED Organisation Validated and Extended Validation SSL certificates. Because EV certificates provide enhanced authentication, they are almost impossible to obtain fraudulently, and as a result of the additional visual cues being provided to website users from July, Extended Validation offers a strong phishing deterrent.
We strongly recommend that site administrators interested in maintaining the integrity of their own websites, and in building consumer awareness for online security, should switch to EV SSL certificates, or at least OV SSL, and that they use a Certificate Management Service account to centralise the issuance, renewal and management of their certificates. We offer EV SSL + SITELOCK to verify Trust and protect users from data theft and Malware at-all-times. You can apply this approach to every site via our Cloud SSL Account.
The good news is that due to continued customer demand, we have launched a dedicated Certificate Replacement Service, which is being delivered by our expert SITEFIX Installation Team. We have extended this service to end-users who are also concerned about the inherent security flaws in FREE SSL certificates.
We replace Symantec, Thawte, GeoTrust or RapidSSL Certificates with Entrust CA certificates and guarantee a saving on what you normally spend every year.
We also give Enterprise SSL Certificate users a Cloud SSL Account to manage certificates centrally, on either a pay per certificate or a fixed annual fee basis. Whichever model you choose, the Certificate Management Tools are included.
Talk to us now about solving this major threat to your online business and be sure to read our latest Risk Advisory on the threat posed by Symantec SSLs and FREE SSL certificates in the face of new Certificate Transparency standards in April and Browser Security changes in July.
See how our Enterprise customers have mitigated risks and saved money by deploying Cloud SSL.