Document Sample
DigiCert-Newsletter-2009-01 Powered By Docstoc
					 Volume         This Issue

                What’s New P.1
            Product Highlight P.1
             Choosing Certs P.2
                 DigiCert EV P.2

                                                                                     Your Success is Built on Trust™
New DigiCert Customers
Fed. Housing Finance Board
   The Kroger Company
                                    DigiCert Unaffected by MD5 Vulnerability
     City of Las Vegas
   Penn State University            On December 30, 2008 a group of secu-              The fact that DigiCert uses SHA-1 instead
          CarMax                    rity researchers reported that by exploiting       of the outdated MD5, along with various
    Northrop Grumman                a known weakness in the MD5 hashing                other internal controls, makes the attack by
      Learn.com, Inc.               algorithm, they were able to create a rogue        the MD5 researchers impossible on Digi-
                                    intermediate CA certificate under the “Equi-       Cert’s systems.
DigiCert Expands Sup-               fax Secure Global eBusiness CA-1” root
port Knowledgebase:                 certificate, belonging to GeoTrust’s Rap-          The recent findings also highlight the
                                    idSSL brand.                                       problems inherent in the practice of issuing
DigiCert has expanded its                                                              domain validated certificates, which can be
CSR Creation and Certifi-           By creating a Rogue Certificate Author-            issued automatically, with no human ele-
cate Installation support           ity, these researchers were able to issue          ment in the verification process. Though
pages to include a greater          trusted SSL certificates                                              frequently the companies
variety of new and old              with any name of their                                                that issue these “rapid,”
server platforms.                   choosing.                                                             “instant,” “low assurance,”
                                                                                                          or “automated” certificates
Some notable server                 Netcraft, an Internet                                                 tout the speed with which
types that have been                consultancy company                                                   SSL certificates can be
added include:                      founded in 1988, report-                                              issued, these certificates
                                    ed the following figures                                              provide no assurance that
 •   Cobalt RAQ & XTR               on certificates using the MD5 hashing              the certificate belongs to a real company.
 •   Nginx                          algorithm:
 •   Novell IChain                                                                     To protect our customers, DigiCert issues
 •   Webstar                        “Netcraft’s December 2008 SSL Survey               only organization-validated, high assurance
 •   Zeus                           found 135,000 valid third party certificates       SSL certificates. This, in addition to other
                                    using MD5 signatures on public web sites,          security practices, helps to prevent phishing
DigiCert continues to               which is around 14% of the total number of         and other abuses.
look for opportunities              valid SSL certificates in use.”
to provide outstanding                                                                 For more information, call us toll free
support documentation               Because all certificates issued by DigiCert        (Canada or US) at 1-800-896-7973 (Inter-
for all available server            use the SHA-1 hashing algorithm, we are            national Customers please call us at +1-
platforms.                          happy to reassure all our past, present, and       801-877-2100).
                                    future customers that these findings do not
Please let us know if               present any reason for them to worry about         Visit us online at www.digicert.com (24-hour
there are other devices             the integrity of their DigiCert SSL certifi-       Live Chat service provided).
that need instructions by           cates.
sending an email to sup-

                                             DigiCert Site Seal
                                                                                                                    By providing an
The DigiCert site seal is a                                                                               external, third-party verifi-
recognized symbol of trust and security.                                           cation of your organization, your site visitors can
This trust mark prominently verifies that your                                     receive the extra assurance they need to com-
organization’s page is secure and can be a                                         plete their online transactions.
powerful force in increasing conversion and
visitor assurance.                                                                 The DigiCert Site Seal is included with every
                                                                                   certificate purchase. It can be accessed by log-
When a visitor clicks on the seal, a pop up                                        ging in to your DigiCert account, clicking on your
page hosted on digicert.com verifies that the                                      order number, and selecting “Get Site Seal.”
site is secured using DigiCert’s services, and
that your organization has passed our strong                                       Learn more about DigiCert SSL Services
validation standards.
Choosing the Right SSL Certificate                                                                                                                                  Positive Feedback:
                                                                                                                                                                    By: Travis Tidball, Director of
        Which is the best for your needs?                                                                                                                           Customer Relations
        By: Travis Tidball, Director of Customer Relations
                                                                                                                                                                    It’s always a great thing
SSL certificates play a huge                site is secure by enabling                                  tions certificate is the best                               to see the feedback we
role in not only protecting                 the green URL bar in your                                   choice. It will allow you to                                receive from our custom-
your organization’s sensi-                  client’s browser window,                                    secure up to 150 different                                  ers. DigiCert has had a
tive information, but relaying              proving that the site is in                                 names (external, internal,                                  lot of positive attention
confidence to those that use                fact owned by your organi-                                  and IP addresses) with a                                    from blogs and review
its services. Your success                  zation, and that their infor-                               single certificate.                                         sites such as sslshopper.
is built on trust, and after                mation is safely encrypted.                                                                                             com. We just wanted to
selecting a trusted provider                                                                            The SSL Plus certificate                                    take a moment and say
such as DigiCert, which                     When you need to secure                                     might the best option when                                  thanks to you, our cus-
SSL certificate should you                  different subdomains such                                   you are sure that none of                                   tomer.
choose?                                     as mail.example.com, stag-                                  the previously mentioned
                                            ing.example.com, or admin.                                  enhancements are needed.                                    We work our hardest to
There are four types of SSL                 example.com, you might                                                                                                  provide superior cer-
certificates that offer a vary-             want to consider WildCard                                   Of course, all of our SSL                                   tificate services at an
ing level of options depend-                certificates. They can                                      certificates come with many                                 outstanding price. We
ing on your organization’s                  provide the best value by                                   standard features. If you’re                                believe that being a
needs: Extended Valida-                     enabling encryption for an                                  not sure what SSL certifi-                                  responsible company
tion, WildCard Plus, Unified                unlimited number of subdo-                                  cate you need from reading                                  means standing behind
Communications, and SSL                     mains.                                                      the descriptions, please call                               your product as well,
Plus.                                                                                                   or email us and let us help                                 which is why DigiCert
                                            You might have a situation                                  you decide.                                                 offers free 24-hour sup-
Instances needing the                       that requires you to secure                                                                                             port for the lifetime of our
highest level of assurance                  different domain names                                      Call us toll free (Canada                                   certificates.
(your site visitors need to                 with a single certificate.                                  or US) at 1-800-896-7973
know that your site is the                  For example, Microsoft’s                                    (International Customers                                    Our sales representa-
real deal) such as shop-                    Exchange 2007 required a                                    please call us at +1-801-                                   tives also handle support
ping carts, login pages, or                 certificate to secure both the                              877-2100).                                                  cases, making a unique
account pages are best                      internal server name and                                                                                                combination of individuals
served by Extended Valida-                  the external fully qualified                                Visit us online at www.digi-                                that can walk you through
tion SSL certificates. These                domain name. In this case,                                  cert.com (24-hour Live Chat                                 ordering to implementa-
certificates show that your                 our Unified Communica-                                      service provided).                                          tion.

Standing Out from the Crowd                                                                                                                                         For all of those who have
                                                                                                                                                                    taken the time to write
        What makes DigiCert EV different?                                                                                                                           about their experiences
        By: Travis Tidball, Director of Customer Relations
                                                                                                                                                                    with DigiCert, we want
The guidelines for issuing an Extended                                     make them truly unique amidst the similar                                                to express our sincerest
Validation (EV) SSL certificate are defined                                offerings from other Certificate Authorities.                                            thanks and appreciation.
by the Certificate Authority / Browser Forum
(CA/B Forum, http://www.cabforum.org).                                     Each DigiCert Extended Validation certifi-                                               It is because of you that
In order to issue an EV SSL certificate, all                               cate includes our “Plus” feature, which al-                                              we have continued to
Certificate Authority must abide by the same                               lows it to work with or without the www (both                                            grow at an unprecidented
verification requirements.                                                 example.com and www.example.com).                                                        rate. We look forward
                                                                                                                                                                    to finding new ways to
Although all Certificate Authorities must                                  DigiCert EV certificates come with an                                                    surprise and astound our
follow the same procedures for EV, not all                                 unlimited server license, free reissues, and                                             customers.
Certificate Authorities are equal.                                         unlimited support via phone, email, or live
                                                                           chat 24 hours each business day.                                                         Thanks for choosing
Besides having one of the fastest issuance                                                                                                                          DigiCert.
times and lowest prices for Extended Vali-                                 These features not only make DigiCert
     dation certificates, DigiCert enhances                                stand out from the crowd, but are also what
            each one with a number of                                      makes us the “Best Value in SSL.”
                              benefits that
                                                                                                                                                                                   DigiCert, Inc.
                                                                                                                                                                             355 South 520 West
                                                                                                                                                                              Canopy Building II
                                                                                                                                                                               Lindon, UT 84042
                                                                                                                                                                             +1-800-896-7973 ph
                           Feedback? Article Suggestions? We want to know! Send an email to newsletter@digicert.com
                          All trademarks displayed on this publication are the exclusive property of the respective holders. To stop receiving publications, login to your
                                                                                                                                                                             +1-866-842-0223 fax
                                                        DigiCert account, click on “Edit My Profile,” and update your opt-in preferences.                                      www.digicert.com

Shared By: