Companies such as Symantec, Trend Micro, GlobalSign and Comodo are involved
Leading global certificate authorities – including Symantec, Trend Micro, GlobalSign, Go Daddy, Comodo, DigiCert and Entrust – have teamed up to create the Certificate Authority Security Council (CASC).The newly formed group is aimed at improving the understanding of critical policies and the potential impact on the Internet infrastructure through collaboration, public education and advocacy.
In a time when sophisticated cybercriminals pose a constant threat, CASC is determined to promote advanced security standards, encourage best practices and improve the development of a trustworthy SSL ecosystem.
The first order of business on CASC’s agenda are a series of educational and advocacy efforts, particularly focused on the importance of online certificate status checking and revocation.
CASC, which also supports the efforts of the CA/Browser Forum, wants to highlight the benefits of online certificate status protocol (OCSP) stapling for software vendors, web server administrators, end users, and browser developers.
This task will be accomplished through conference presentations, blog posts and other resources.
“SSL remains today the most widely deployed and successful cryptography system in the world,” explained Dean Coclin, steering committee, Certificate Authority Security Council.
“As a unified group of the world’s leading SSL providers, we’re collaborating on matters of highest priority, while also recognizing the value of previous and recent work to continually evolve the standards, and create an industry that understands the issues involved and is committed to making the necessary enhancements.”
Ben Wilson, chair of the CA/browser forum, added, “The CASC members are working actively with browsers and other parties to further improve existing methods that effectively balance performance and security while providing a trusted experience for all internet users.
“These collaborative efforts have led to important steps forward that help improve security practices, self-regulation, and globalize the adoption and implementation of stricter, more universal standards. We look forward to working with the CASC to set quality standards that raise the bar for everyone.”