Facebook Releases Free Certificate Transparency Monitoring Tool

Facebook makes freely available an internal tool used to monitor CT logs for new TLS certificates issued for a domain. Users can monitor and audit this information for malicious or mistakenly issued certs. Continue reading Facebook Releases Free Certificate Transparency Monitoring Tool

Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain.

The certificate authority, named WoSign, issued … Continue reading Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

How Certificate Transparency Monitoring Tool Helped Facebook Early Detect Duplicate SSL Certs

Earlier this year, Facebook came across a bunch of duplicate SSL certificates for some of its own domains and revoked them immediately with the help of its own Certificate Transparency Monitoring Tool service.

Digital certificates are the backbone of our secure Internet, which protects sensitive information and communication, as well as authenticate systems and Internet users.

The

Continue reading How Certificate Transparency Monitoring Tool Helped Facebook Early Detect Duplicate SSL Certs

What is Certificate Transparency? How It helps Detect Fake SSL Certificates

Do you know there is a huge encryption backdoor still exists on the Internet that most people don’t know about?

I am talking about the traditional Digital Certificate Management System… the weakest link, which is completely based on trust, and it has already been broken several times.

To ensure the confidentiality and integrity of their personal data, billions of Internet users blindly

Continue reading What is Certificate Transparency? How It helps Detect Fake SSL Certificates