Forum Approves Requirements for SSL/TLS Certificates

By Amber Ankerholz

The CA/Browser Forum has released a set of baseline requirements for an industry-wide standard governing the issuance and management of SSL/TLS digital certificates.

SSL/TLS digital certificates are cryptographic protocols used to authenticate network connections, as well as to encrypt information for privacy over the Internet.

According to the announcement, the “Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates” document aims to provide clear standards for CAs on topics including verification of identity, certificate content and profiles, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, and privacy.

These “Baseline Requirements” will take effect July 1, 2012, giving CAs time to bring SSL/TLS policies and practices into compliance with the standard. The CA/Browser Forum will continue development of the requirements to address evolving risks and threats involving SSL/TLS certificates.

The CA/Browser Forum has requested that Internet browsers and operating systems adopt the requirements among their conditions to distribute CA root certificates in their software. Major CAs, including Symantec, GoDaddy, Comodo, GlobalSign, DigiCert, Entrust, and others, have already made a commitment to implement the baseline requirements. For more information and a link to the requirements document, visit http://www.cabforum.org/.

12/29/2011