News

The Certificate Authority Security Council (CASC) at the CA / Browser Forum in London announced the launch of a new initiative called the London Protocol.

From 30 June 2018, for PCI compatibility, site owners should refuse to support TLS 1.0. The TLS 1.0/1.1 and SSL 2.0/3.0 protocols are obsolete. They do not provide adequate protection for data transfer. In particular, TLS 1.0 is vulnerable to certain attacks. The above versions of the protocols must be removed in environments that require a high level of security.

At the Apple Worldwide Developers Conference (WWDC) 2018, the company made an important announcement: starting from 15 October, all SSL/TLS certificates should be included in public transparency logs. Otherwise, they will not be trusted by Safari and various Apple platforms.

On 8 May, Google opened the .app domain registration to the general public. As the name implies, these domains are intended for application developers, but you can register a domain for any other purposes.

We have already written a piece on the fact that Google plans to mark all HTTP-sites as unsecure (i.e. not secure). A few days ago, Google took another step in this direction - starting in September 2018, Google Chrome (version 69) will remove the word "Secure" from the address bar of the browser for all HTTPS sites.