Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The Secure Sockets Layer (SSL) Protocol was adopted by Netscape in 1994 as a response to the growing concern over Internet security. Netscape’s goal was to create an encrypted data path between a client and a server that was platform or OS agnostic. Netscape also embraced SSL to take advantage of new encryption schemes such as the recent adoption of the Advanced Encryption Standard (AES), considered more secure than Data Encryption Standard (DES). Indeed, by June 2003, the US Government deemed AES secure enough to be used for classified information:
“The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. The implementation of AES in products intended to protect national security systems is certified by NSA ….” (Source: Wikipedia, Definition AES)
Updates were released, so that today version 3.0 has grown in popularity and become a standard. Further, SSL 3.0 is the version most Web servers support today.
Since its inception, the main role of SSL is to provide security for Web traffic including confidentiality, message integrity, non-repudiation and authentication. SSL achieves these elements of security through the use of cryptography and properly authenticated digital certificates.
SSL certificates, therefore, are critical for the user to trust a website operating from a server before sending private information to the server. But encryption is only one part of the “trust equation” that SSL delivers. SSL certificates issued under the X.509 standard ought to deliver information about the identity of the entity since certificates act as “digital documents” that verify that a specific public key does, in fact, belong to the specified entity. This identity verification helps the user to distinguish between authenticated and fraudulent websites.
Certification authorities play a key role in establishing trust in online identities. Since a digital certificate is a statement of the identity of the entity or individual who wishes to be authenticated, a trusted third party is needed to validate the identity attached to the certificate. This third party is the certificate authority whose responsibility it is to deliver authenticated identity trust assurance for online entities.
Unfortunately, not all certification authorities adhere to similar standards in identity assurance. In fact, some certification authorities issue certificates without any processes to authenticate and verify the identity of the business requesting the certificate. Worse, these non-vetted certificates display the same yellow padlock as the identity assured SSL certificates. These “weak” validation certificates rely only on the Domain Name Registrar details to validate ownership, which provides virtually no identity assurance.
Let us look at the following example. Is www.ABCompany.com or www.ABC-company.com the real web page of ABC Company, or does one of the URL’s belong to a fraudster or impostor? To determine whether you are on the legitimate site would require further validation. If a website does not have identity authentication, any fraudster can procure the trusted yellow icon to launch phishing or pharming attacks from a fraudulent website because users cannot easily distinguish between low assurance certificates and the identity-validating high assurance certificates.
That’s why EV SSL certificates were introduced to close this trust gap.
When an EV certificate secures a site, the Microsoft Internet Explorer, Opera or Mozilla Firefox user will immediately see the address bar turn green when they visit the website. A display next to the URL will toggle between the organization name and the certificate and the certificate authority that issued the SSL Certificate. The green bar means that a third party has authenticated the identity of the business. Other browser vendors will also provide a similar display
SSL is vital to Web security. It provides a strong sense of confidentiality, message integrity, and identity authentication to users. The business of e-commerce is tied closely to consumer confidence in the identity assurance aspect of SSL certificates across the net.
As a result, in the future SSL certificates will evolve to offer more security and identity assurance. The encryption of key lengths, cipher suites and new guidelines for SSL certificates will also evolve to ensure a consistent level of identity verification during online transactions. This way, e-commerce will be able to continue to grow as users grow more confident in shopping and banking online.
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats