Keeping ahead of security is always a challenge online. Nimbus Hosting has recently created a useful graphic, illustrating the importance of the new transparent SSL certificate initiative for eCommerce brands, as well as providing a comprehensive checklist to help with effortlessly moving your website to HTTPS. The infographic, Transparent SSL & How to Move Your Website to HTTPS in 2017 features examples of why this new SSL initiative is necessary.
Some SSL Horror Stories Include
- French Spies – Google found that a French Government agency were using rogue Google SSL certificates to spy on a number of users.
- Github vs China – One user who controlled a subdomain of the development hosting site Github was wrongly awarded a duplicate SSL certificate for the entire domain by a Chinese certificate authority.
- Iranian Victims – Forged digital certificates issued by DigiNotar were used to hack the Gmail accounts of around 300,000 Iranian users in 2011.
For these reasons and others, if your website doesn’t have a Transparent SSL certificate by October 2017, Chrome will mark your website as Not Secure, discouraging users from visiting it, and your website security could be at risk. Now is the ideal time to get on board.
Google Certificate Transparency Project
In recent years, due to structural flaws in the HTTPS certificate system, certificates and issuing CAs have proven vulnerable to compromise and manipulation. Google’s Certificate Transparency project aims to safeguard the certificate issuance process by providing an open framework for monitoring and auditing HTTPS certificates. Google encourages all CAs to write the certificates they issue to publicly verifiable, append-only, tamper-proof logs. In the future, Chrome and other browsers may decide not to accept certificates that have not been written to such logs.