×

Send a request

and we will call back to you soon


By clicking «I Accept» you confirm that you have read and accepted the website Terms and Conditions, Privacy Policy, and Moneyback Policy.
*fields are required

News

27-05-18

.app domains from Google, available only through HTTPS, open for registration


On 8 May, Google opened the .app domain registration to the general public. As the name implies, these domains are intended for application developers, but you can register a domain for any other purposes.

A distinctive feature of .app domains is that they require site owners to install an SSL certificate and transfer content over HTTPS.

Google acquired rights for the .app domain zone in February 2015, for the huge amount of $ 25,001,000. This step allowed Google to set its own rules for .app domains - allowing only HTTPS connections.

Formally, the opening of .app domain registration occurred on 1 May as part of the early access programme. At this time, users could buy a domain for themselves for an additional fee.

Under the early access programme, users registered over 100,000 domains. Not so long ago, Google opened a .app domain name registration for the general public.

If you want to create an .app domain for your application or just for personal use, you should remember that you will need an SSL certificate, otherwise users will not be able to access your site. You can buy SSL certificates from the leading certification authorities from the LeaderSSL store.

20-05-18

Starting in September 2018, Google Chrome will change the visual indicators for HTTPS

We have already written a piece on the fact that Google plans to mark all HTTP-sites as unsecure (i.e. not secure). A few days ago, Google took another step in this direction - starting in September 2018, Google Chrome (version 69) will remove the word "Secure" from the address bar of the browser for all HTTPS sites.

Finally, in October, with the release of Chrome 70, all sites that do not have SSL certificates will be marked with the red "Not secure" message in the address bar of the browser, when users input any data.

Note: by default the Not Secure text for HTTP pages is grey but, when you fill in any forms, it will turn red.

Why were such changes introduced? According to representatives of Google, users should know that the Web is safe by default.

Today SSL certificates are available at an affordable price and they are much easier to integrate than before.

LeaderSSL presents a wide range of SSL certificates for our customers’ varying needs. If you still have not purchased an SSL certificate, we recommend that you do so in order to avoid losing site visitors. 

04-04-18

Encryption protocol TLS 1.3 was finalised and approved by the IETF

The new TLS 1.3 protocol was finalised on 21 March 2018. Prior to this, the protocol hadn’t been updated for more than 8 years. TLS 1.3 brings improved security and performance.

The Internet Engineering Task Force (IETF) is responsible for the description of the TLS protocol. The previous version of TLS (TLS 1.2) was described in RFC 5246 and was used for 8 years, with supported by most web browsers. On 21 March 2018, protocol TLS 1.3 was finalised.

Improved speed in TLS 1.3

In terms of web performance, TLS and encrypted connections initially added additional milliseconds. With the advent of HTTP/2, this problem was solved and TLS 1.3 now allows even faster encrypted connections. In TLS 1.3, the following features were introduced:

  • TLS false start
  • Zero Round Trip Time (0-RTT)

In version 1.2, a TLS handshake required two round-trips, while in TLS 1.3 only one round-trip is needed for this. This means the encryption procedure time is halved.

So Zero Round Trip Time is another advantage. If you visited any site previously, then you can send data in the first message to the server. This feature is called 0-RTT. As a result, pages load much faster.

Improved security in TLS 1.3

TLS 1.3 removed obsolete and unsafe algorithms that existed in TLS 1.2: SHA-1, RC4, DES, 3DES, AES-CBC, MD5, CVE-2016-0701 and so on.

This means that attacks on TLS, such as Heartbleed, POODLE, etc. that had previously occurred, can be avoided.

Connections will continue to fall back to the TLS 1.2 version of the protocol if either side does not support TLS 1.3, but if an attacker attempts to trick this fallback (using man-in-the-middle (MITM) attacks), then in TLS 1.3 will be detect this and prevent it from happening.

The protocol has become more simple, and therefore there are likely to be fewer configuration errors.

Browser support:

  • In Chrome 63, TLS 1.3 support is enabled for outbound connections. TLS 1.3 support appeared in Chrome 56.
  • In Firefox 52, TLS 1.3 is enabled by default. It is also included in Quantum.

Other browsers promise to include the protocol in a few months’ time.

13-03-18

LeaderTelecom has launched the rating of SSL certificates - a new project that rates SSL certificates used by leading websites

LeaderTelecom, Amsterdam

LeaderTelecom has launched a new project, which is available at www.sslcertificates.top. Within the framework of this project, the company aims to organise and analyse SSL certificates used by large sites in each of the vast market segments across the world.

Aleksei Ivanov, the founder of the Rating of SSL certificates and the founder/managing director of LeaderTelecom says, "Our project aims to systematise the disparate information associated with SSL certificates that were issued for the heavy-traffic websites. We decided to take a look at each of the industry’s segments, and create a list of sites that are leading in terms of traffic".

Features of the SSL certificates rating from LeaderTelecom

The rating of SSL certificates allows you to find out indicators like the percentage of SSL certificates being used among the top 50 websites (in general, by country and by sphere of use), the number of installed certificates from each certifying authority and the cost of certificates in the LeaderTelecom store.

When you click on the SSL certificate, a list of sites using it opens. When you click on the eye icon, you can find out information about a particular certificate issued for a particular domain.

It is also possible to view all SSL certificates for the top 50 domains by country and by various categories: business, science, sports, games, etc. To do this, just select the appropriate item in the top menu on the main page. 

"The main aim is convenience for users", says Aleksei Ivanov. "We wanted to implement the most understandable interface. If you are interested in any certificate, you can easily purchase it or a similar certificate in our store by clicking on a separate button". 

About LeaderTelecom

LeaderTelecom - a global provider of the SSL certificates, as well as various solutions for online security, working for over 10 years. Official partner of leading certification authorities, such as Comodo, Symantec, Thawte, GeoTrust, RapidSSL, Entrust etc. The company has the Symantec Website Security Solutions Specialist status. The company is a partner of The Hague Security Delta (HSD) - the largest security cluster in Europe, which is cooperating with clusters in the United States, Canada, Singapore and South Africa.

Contact Information

Tel: +31 20 7640722

Email: info@leaderssl.com

SSLRank URLwww.sslcertificates.top

LeaderSSL store URLwww.leaderssl.com

20-02-18

Domain validation rules for issuing SSL certificates have been adjusted

A few days ago, the CA / B Forum, the industry regulator of SSL certificates, accepted by a majority vote proposal Ballot 218 associated with the removal of a several domain validation methods.

The major changes are related to section 3.2.2.4 of the main document "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates". This section contains the permitted processes and procedures for verifying the domain ownership rights for the applicant.

According to Tim Hollebeek from DigiCert, this section needs to be reworked, as it contains methods that do not meet the objectives of Section 3.2.2.4.

What changes were made to the document

  1. Contact information about the domain owner can be obtained directly from the domain name registrar, which was described in paragraph 1.6.1.
  2. From 1 August 2018, domain contact information should not be used to verify the applicant, and successful verification of contacts cannot serve as a reason for issuing certificates. A new section, 3.2.2.4.12, is introducing the idea of permitting to use contact domain data to verify the applicant, but only if the certification authority is a domain name registrar or a partner of the base domain name registrar.
  3. From 1 August 2018, the Domain Authorisation Document should not be used to verify the applicant, and a successful verification of this document cannot serve as a reason for issuing certificates.
  4. Removed section 3.2.2.4.11, describing alternative methods for domain verification.

The rest of the domain validation rules remain unchanged. 

Subscribe to our newsletters to keep informed of developments related to SSL!

Start a 14-day Free Trial

Try SSL certificate with a 14-day free trial and feel our great service It’s very easy to start - you don’t risk anything. If you will not like it, just dont pay after end of trial. No credit card required.

Are you ready to try?

Have any questions? Call us now +31 20 7640722

Leave your contact details to get the FAQ by email

A link to download the PDF version of the FAQ has been successfully sent to your email

Error sending mail. Please try again later.


By clicking «I Accept» you confirm that you have read and accepted the website Terms and Conditions, Privacy Policy, and Moneyback Policy.
*fields are required
SSL