The Certificate Authority Security Council (CASC) is a multi-vendor industry advocacy group created to conduct research, promote Internet security standards and educate the public on Internet security issues.
History
The group was founded in February 2013 with the seven largest certificate authorities, issuers of SSL certificates: Comodo, Symantec, Trend Micro, DigiCert, Entrust, GlobalSign and GoDaddy.
DigiCert withdrew from the group on June 15, 2018.
Objectives
The CASC supports the efforts of the CA/Browser Forum and other standards-setting bodies. It supports the development of enhancements that improve the Secure Sockets Layer (SSL) protocol and the operations of certificate authorities (CAs).
According to Robin Alden, CTO of Comodo and member of the Council, the CASC will serve as a united front for all of the CAs involved: "While not a standards-setting organization, we’re committed to supplementing standards-setting organizations by providing education, research, and advocacy on the best practices and use of SSL."
Membership requirements
The CASC limits membership to SSL certificate authorities that meet its requirements for reputation, operation, and security. Members are required to undergo an annual audit and to adhere to industry standards, such as the CA/Browser Forum’s Baseline Requirements and Network Security Guidelines.
Industry initiatives
The group works collaboratively to create and define initiatives that improve the understanding of certificate policies and their impact on Internet infrastructure.
Certificate Revocation and OCSP Stapling
The group's primary focus was promoting an understanding of the importance of certificate-revocation checking and the benefits of OCSP stapling, formally the TLS Certificate Status Request extension, which lets a web server present a time-stamped revocation status for its certificate, signed by the issuing CA's OCSP responder, alongside the certificate itself during the TLS handshake. The protocol is intended to ensure that web users are made aware when they visit a web site with a revoked or expired SSL certificate.
Securing Software Distribution with Digital Code Signing
The group has also worked to secure software distribution with digital code signing: the process of digitally signing executables and scripts to confirm the software author and to guarantee that the code has not been altered or corrupted since it was signed, using a cryptographic hash of the code together with the publisher's private key.
Code signing certificates play a key role in helping users identify authentic software code from reputable publishers and receive the assurance that the code has not been tampered with beforehand.
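The following Go program is an added example, not code from the original article or from the CASC or any of its member CAs; it models both initiatives above in one place. A constructed two-tier PKI ("Example Root CA") issues a code-signing certificate to a publisher and a TLS server certificate to a web site. VerifyArtifact accepts a signed artifact only if the signer's certificate chains to the trusted root with the code-signing extended key usage and the bytes are unchanged since signing. StapledStatus performs a TLS handshake over an in-memory pipe in which the server attaches a staple through the Certificate Status Request extension and the client reads it back from the connection state. The names newPKI, issue, SignArtifact, VerifyArtifact and StapledStatus, the host name staple.example.test and the staple bytes are all assumptions made for this example; the staple is a labelled placeholder rather than a real DER-encoded OCSP response, because the standard library carries it opaquely and leaves validation of its contents to the application.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// pki is a constructed in-memory hierarchy: a pool trusting one root CA and one leaf it issued.
type pki struct {
	leaf    *x509.Certificate
	pool    *x509.CertPool
	leafKey *ecdsa.PrivateKey
}

// issue generates a P-256 key for tmpl's subject and has issuerKey (the subject's own key
// when nil, i.e. self-signed) sign tmpl; it returns the parsed certificate and the key.
func issue(tmpl, parent *x509.Certificate, issuerKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if issuerKey == nil {
		issuerKey = key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, issuerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// newPKI builds a root CA and a leaf limited to one extended key usage: code signing for a
// software publisher, or server authentication for a web site (assumed names throughout).
func newPKI(usage x509.ExtKeyUsage, name string) (*pki, error) {
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Root CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	root, caKey, err := issue(caTmpl, caTmpl, nil)
	if err != nil {
		return nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{usage},
	}
	if usage == x509.ExtKeyUsageServerAuth {
		leafTmpl.DNSNames = []string{name} // TLS clients match the host name against SANs, not the CN
	}
	leaf, leafKey, err := issue(leafTmpl, root, caKey)
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(root)
	return &pki{leaf: leaf, pool: pool, leafKey: leafKey}, nil
}

// SignArtifact produces an ECDSA signature over the SHA-256 digest of a software artifact.
func SignArtifact(p *pki, artifact []byte) ([]byte, error) {
	digest := sha256.Sum256(artifact)
	return ecdsa.SignASN1(rand.Reader, p.leafKey, digest[:])
}

// VerifyArtifact accepts the artifact only if the signer's certificate chains to the trusted
// root and is permitted for code signing, and the signature matches the bytes exactly.
func VerifyArtifact(p *pki, artifact, sig []byte) error {
	opts := x509.VerifyOptions{Roots: p.pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}
	if _, err := p.leaf.Verify(opts); err != nil {
		return fmt.Errorf("signer certificate rejected: %w", err)
	}
	if err := p.leaf.CheckSignature(x509.ECDSAWithSHA256, artifact, sig); err != nil {
		return fmt.Errorf("artifact altered or signature invalid: %w", err)
	}
	return nil
}

// StapledStatus runs a TLS handshake over an in-memory pipe in which the server sends staple
// as its Certificate Status (status_request) response, and returns what the client received.
func StapledStatus(p *pki, staple []byte) ([]byte, error) {
	srvCert := tls.Certificate{Certificate: [][]byte{p.leaf.Raw}, PrivateKey: p.leafKey, OCSPStaple: staple}
	cliConn, srvConn := net.Pipe()
	defer func() { cliConn.Close(); srvConn.Close() }()
	errCh := make(chan error, 1)
	go func() {
		// Tickets are unnecessary for one handshake; without them the server's flight is
		// just the certificate, its staple and Finished.
		srv := tls.Server(srvConn, &tls.Config{Certificates: []tls.Certificate{srvCert}, SessionTicketsDisabled: true})
		errCh <- srv.Handshake()
	}()
	cli := tls.Client(cliConn, &tls.Config{RootCAs: p.pool, ServerName: p.leaf.Subject.CommonName})
	if err := cli.Handshake(); err != nil {
		return nil, err
	}
	if err := <-errCh; err != nil {
		return nil, err
	}
	return cli.ConnectionState().OCSPResponse, nil
}

func main() {
	pub, _ := newPKI(x509.ExtKeyUsageCodeSigning, "Example Software Publisher")
	artifact := []byte("constructed sample installer bytes") // stands in for a real binary
	sig, _ := SignArtifact(pub, artifact)
	fmt.Println("genuine artifact:", VerifyArtifact(pub, artifact, sig))
	artifact[0] ^= 1 // one bit flipped after signing
	fmt.Println("tampered artifact:", VerifyArtifact(pub, artifact, sig))
	web, _ := newPKI(x509.ExtKeyUsageServerAuth, "staple.example.test")
	got, err := StapledStatus(web, []byte("constructed placeholder OCSP response"))
	fmt.Printf("client received staple %q (err=%v)\n", got, err)
}
```

Two failure modes are worth checking when adapting this: a single flipped bit in the artifact makes CheckSignature fail even though the certificate chain is still valid, and a certificate issued for TLS server authentication is refused as a code signer because chain verification demands the code-signing extended key usage. On a production site the stapled response must be refreshed before its nextUpdate time; how a browser treats a stale or missing staple varies, and only the OCSP Must-Staple certificate extension makes a missing staple a hard failure.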