PKI Archive

Cyber War


It wasn’t entirely obvious to me, when we made the decision some six years ago to implement a certification authority that does things differently, that we’d end up against a country sponsored cyber-war. And even though I incidentally called this very blog “Join the Revolution”, I didn’t have in mind to have anything to do […]

Strictly Opera


Long after the major software vendors which produce browsers and mail clients already supported the StartCom root certificate by default, users of the Opera browser couldn’t enjoy the benefits of free and cheap SSL certificates easily. And I myself had to postpone an article I intended to write about Opera for more than two years […]

Are you also reading Toiletpaper?


When buying a newspaper, for what exactly are you paying? For the paper or the content within the paper?
Well, if it were for the paper, you could probably read last year’s newspaper much cheaper. Or perhaps you could save yourself the hassle and simply read the toilet paper in the morning instead, it wouldn’t […]

Securing the Enterprise


Securing internal networks of enterprises is a very important task - for that matter any Intranet is. Today, the threats are manifold and are coming from various directions, be it through the corporate firewalls, VPN gateways, WiFi access points, compromised computers and laptops or employees and third party contractors, to mention only the most obvious. […]

Refute the FUD


In my capacity it’s my job to counter a few baseless claims which some use in order to try to spread Fear, Uncertainty and Doubt (FUD) regarding the digital certificates which StartCom issues for free without charge. This is a response to Sebastián Bortnik, David Harley and Dan Raywood regarding their articles I found recently […]

Faster, Longer, Better and…Cheaper


All those superlatives really reflect what the StartCom Certificate Authority tries to present and deliver to its subscribers. Considering that StartCom provides legitimate, renewable digital SSL certificates with a validity period of one year free of charge, it’s hard to argue that it can get any cheaper. We don’t have to argue - they […]

SSL Flaw by (Browser) Design?


A while ago, the two security “white hats” Alexander Sotirov and Mike Zusman announced that they are going to publish a tool for exploiting EV SSL secured sites at the Black Hat Security Conference at the end of this month. Some sites reported the alleged attack on EV SSL secured sites as a means to […]

The Race Is On - You Won


The competition in the digital certification business is preparing for StartCom’s entry with its super-cheap EV SSL offerings. Proclaims a director of a well known certification authority:
“EV SSL certificates are no longer an expensive premium for Web security; they are a necessary tool to help thwart phishing, man-in-the-middle and other malicious fraud attacks”

CA/Browser Forum


Since this weekend the StartCom Certification Authority is officially a member of the CA/Browser Forum. This forum is a closed group of commercial certification authorities and software vendors - in particular browser vendors - which was founded sometime in 2006. At a previous occasion the StartCom CA was denied participation, but having now met their […]

Positive Indicators


Phishing attacks seldom use SSL certificates for their fake sites resembling Paypal, eBay or whatever, because they look as good without it. So far this apparently just worked fine because a somewhat careless user simply doesn’t pay attention to the microscopic indicators the browsers used to give us in the past. Well, that’s perhaps an […]