SSL Review: February 2018

Entrust Datacard’s monthly SSL review covers SSL/TLS discussions — recaps news, trends and opinions from the industry.

Entrust Datacard …

• Chrome Requires CT after April 2018
• Marketers, Secure Your Landing Pages!
• Grade Changes to the SSL Server Test – Coming March 2018

CA Security Council …

• Chrome Will Show Not Secure for all HTTP Sites Starting July 2018

Chrome and Not Secure …

• A secure web is here to stay
• Fake Reddit Website Phished Users with an Assist from Google
• HTTPS or bust: Chrome’s plan to label sites as “Not Secure”

Alexa Top 1 Million Sites …

• Scott Helme – Alexa Top 1 Million Analysis – February 2018
• Mozilla – Analysis of the Alexa Top 1M Sites

Trustico Certificate Revocation …

• DigiCert Statement on Trustico Certificate Revocation
• 23,000 Users Lose SSL Certificates in Trustico-DigiCert Spat

Bulletproof TLS Newsletter …

• Bulletproof TLS Newsletter #38 – Chrome will mark HTTP pages as not secure

Other News & Notes

• SSL Labs Grading Update: Forward Secrecy, Authenticated Encryption and ROBOT
• In 2018 Certificate Authorities could become a major target
• Flaw in TLS/SSL Certificates Allows Covert Data Transfer
• Criminals exploit SSL encryption & free certificates in malware attacks
• Google Engineer Lists 4 Powerful Reasons Why Sites Should Upgrade to HTTPS
• Understanding the Limitations of HTTPS
• Are you ready for the Symantec distrust?
• Google AdWords and Free SSL certificates Take Bitcoin Phishing Game to a Whole New Level: $50 Million Stolen
• Why we need to do more to reduce certificate lifetimes
• The deprecation of TLS 1.0 and 1.1 is underway
• Do SSL warranties protect you? As much as rocks keep tigers away…

*** This is a Security Bloggers Network syndicated blog from Entrust Datacard Blog authored by Entrust Datacard Blog. Read the original post at: https://www.entrustdatacard.com/blog/2018/march/ssl-review-february-2018