Google’s Certificate Transparency project aims to fix several structural flaws in the SSL certificate system, which, if left unchecked, could facilitate a wide range of security attacks, such as website spoofing, server impersonation and man-in-the-middle attacks. Google said that CT helps eliminate these flaws by providing an open framework for monitoring and auditing SSL certificates in near real time.
“We’re pleased to receive DigiCert’s declaration of support for CT and are encouraged by their continued work with us to help improve online trust and security,” Ben Laurie, creator of CT and software security engineer at Google said. “This is an important step that we hope other CAs will follow as we look to provide greater structural integrity to the SSL/TLS Certificate system.”
The SSL certificate system has long been target of criticism around inadequate security, but DigiCert believes CT is an important step in enhancing online trust, and plans to add SSL certificates to a public CT log by the end of October. It has been working with Google engineers for several months to test code, provide feedback on proposed CT implementations and build support for CT into its systems.
“DigiCert’s business is built on trust, and we are committed to lead the industry toward better practices that enhance online security,” DigiCert CEO Nicholas Hales said. “Certificate Transparency accomplishes this goal by shining a light on certificate issuance practices and building in a scalable early detection system that relies upon trusted, widely used technologies and standards. We applaud Google for its forward-thinking mindset in advancing CT closer to implementation.”