. home.aspx



Certificate Authorities Aim to Improve Identity Assurance

June 27, 2018 / Sean Michael Kerner

A group of leading SSL/TLS Certificate Authorities are working on the London Protocol effort to figure out what's needed to improve certificate identity assurance. The Certificate Authority Security Council (CASC) announced a new effort dubbed the "London Protocol" on June 27 in a bid to help improve identity assurance for web security certificates. The London Protocol benefits from the support of multiple Certificate Authority (CA) vendors, including Comodo CA, Entrust Datacard, GlobalSign, GoDaddy and Trustwave. The London Protocol is a multi-stage effort that will be implemented over a 10-month period that aims to help understand how attackers are misusing SSL/TLS certificates and what the CAs can do to help minimize risks. "In general, the CAs have not really worked together to share data in the past to really provide a higher level of of identity assurance for certificates," Chris Bailey, vice president of strategy and business development for certificate s...