It’s time to reconsider the wisdom of implicitly trusting certificate authorities without a widely available mechanism for verifying the validity of certificates.
Hudson, WI (PRWEB) March 31, 2015
Datarealm, a leading provider of cloud and dedicated server hosting, is warning of an increasing risk to users posed by unscrupulous certificate authorities. In recent weeks, there have been several examples of information security risks created because of certificate authorities who do not act in accordance with the best interests of web users.
Microsoft (March 16, 2015) and Google (March 23, 2015) have both been forced forced to issue security advisories in recent weeks about improper use of the SSL / TLS certificates on which information security for web sites and eCommerce stores depends.
The SSL / TLS system depends on trusted certificate authorities actually being trustworthy. Because certificate authorities are implicitly trusted by web browsers, any certificate signed by their root certificate will be similarly trusted. This system is essential for protecting data as it travels across the web, but it works only if hosting companies, their clients, and web users can depend on the certificate authorities. The consequences of a lack of trust in the SSL / TLS system could be dire for the online economy.
“A significant proportion of the businesses we serve rely on SSL / TLS both to secure network connections and provide users with the confidence they need to send sensitive information over the internet,” warns Andrew Auderieth, CEO of Datarealm, “Without that trust, there is likely to be significant erosion in the confidence of internet users. It’s time to reconsider the wisdom of implicitly trusting certificate authorities without a widely available mechanism for verifying the validity of certificates.”
There are several schemes in place to improve SSL security, including certificate pinning, which “pins” a certificate to a specific certificate authority so that a spurious certificate cannot be issued for a domain, but that approach will not scale and presents the same problem that certificate authorities were designed to solve. Alternative solutions include the Google-developed Certificate Transparency scheme, but whichever scheme gains widespread adoption, it’s important that web service providers, web hosting companies, and the SSL industry at large recognizes the problem and begins to work towards a system that is more suitable for the modern internet.
Founded in 1995, Datarealm was one of the first Web hosting companies in the world. Datarealm has maintained its position as a trusted industry leader by continuously investing in cutting-edge web technologies and a commitment to extraordinary customer service. Datarealm’s current web hosting products include an advanced secure cloud hosting platform, dedicated servers, virtual private servers, and shared hosting. For more information, visit http://www.datarealm.com/