Symantec has announced changes with issuing SSL certificates. They concern the certificates secure domain name (the standard) and Code Signing.
First point of changes is validity period of certificates. Except for Extended Validation (EV) SSL certificates and code signing certificates, all new SSL certificates issued AFTER the June 7th, 2012 release will have a maximum validity period of up to 4 years. EV SSL certificates will continue to have a maximum validity period of up to 2 years. With the April 1st 2015 deadline, all new SSL certificates, except for EV SSL certificates, will have a maximum validity period of 3 years. As before, EV SSL certificates will continue to have a maximum validity period of 2 years.
Subject Alternative Name (SAN) extension and Subject Common Name (CN) field changes:
The third change is about root key. Starting January 1st, 2014, the industry is discontinuing the use of 1024-bit key length on SSL certificates and Code Signing products. This is in compliance with NIST Special Publication 800-131A. Beginning January 2012, 2048-bit keys will be enforced on all new multi-year Code Signing products and SSL certificates. All Code Signing products and SSL certificates will be required to have 2048-bit key lengths after December 31st, 2013. Please plan the adoption of 2048-bit key lengths in your Code Signing products and SSL certificates accordingly.
The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?
General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.
In November this year we wrote about the need to replace SSL certificates issued by Symantec Group. Find out the dates when you need to re-issue your certificates.