DecryptedTech

Wednesday01 February 2023

Displaying items by tag: VeriSign

bsod1

We have a new winner of the “what were they thinking award” the CA/Browser Forum have won this one by changing the way that certificates are issued. Normally such changes are not intrusive and are intended to ensure better security for users. However, in this case the changes published in July of this year (and set to take effect in November 2015) will probably break a significant number of corporate networks simply because the changes are in direct opposition to the best practices that Microsoft and many others have been recommending for years. This is the practice of separating internal and external domain names for security and identification. The CA/Browser Forum announced back in July that they are going to put an end to this practice by November 2015.

Published in Editorials