Symantec has announced changes with issuing SSL certificates. They concern the certificates secure domain name (the standard) and Code Signing.
First point of changes is validity period of certificates. Except for Extended Validation (EV) SSL certificates and code signing certificates, all new SSL certificates issued AFTER the June 7th, 2012 release will have a maximum validity period of up to 4 years. EV SSL certificates will continue to have a maximum validity period of up to 2 years. With the April 1st 2015 deadline, all new SSL certificates, except for EV SSL certificates, will have a maximum validity period of 3 years. As before, EV SSL certificates will continue to have a maximum validity period of 2 years.
Subject Alternative Name (SAN) extension and Subject Common Name (CN) field changes:
The third change is about root key. Starting January 1st, 2014, the industry is discontinuing the use of 1024-bit key length on SSL certificates and Code Signing products. This is in compliance with NIST Special Publication 800-131A. Beginning January 2012, 2048-bit keys will be enforced on all new multi-year Code Signing products and SSL certificates. All Code Signing products and SSL certificates will be required to have 2048-bit key lengths after December 31st, 2013. Please plan the adoption of 2048-bit key lengths in your Code Signing products and SSL certificates accordingly.
Sectigo, formerly known as Comodo CA, is entering the next phase of its transition: it’s replacing Comodo CA roots with USERTrust roots on January 14, 2019. Why it happens and what it will mean to Sectigo customers?
According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.
The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?