Sectigo,
the world’s largest commercial Certificate Authority (CA) and a leader
in web security solutions, announced today its sponsorship of Internet
Security Research Group’s (ISRG) Let’s
Encrypt, a free, automated, and open CA run for the public’s
benefit. The sponsorship, which covers a large portion of the funding
needed for the non-profit organization to operate a new certificate
transparency (CT) log for one year, aids the broader worldwide security
landscape by expanding the number of CT logs available to CAs.
When a CA issues an SSL certificate, it must enter a record for that
certificate into two CT logs, providing visibility into what
certificates are being issued for specific domain names and adding value
for the entire security ecosystem. The added visibility that comes from certificate
transparency helps businesses examine activity on their own brand
names, allows for phishing monitoring using SSL certificates, and
provides researchers with more information to potentially understand
trends and usage patterns across the internet. CAs must log their
certificates to be trusted by Google Chrome and Apple.
The availability of additional CT logs helps ensure that CAs can
continue to log new certificates even if one log were to go offline.
“We are pleased to partner with Sectigo to build and maintain a new CT
log as a result of this sponsorship,” said Josh Aas, Executive Director,
Let’s Encrypt. “With Sectigo’s backing, we are able to offer an open,
high-volume, production CT log, making the internet safer and more
transparent.”
More information about the log, “Oak,” which is now publicly available,
can be found at: https://letsencrypt.org/ct-logs/
CT logs can alert users to malicious activity, as cybercriminals often
register a domain name similar to a known and trusted company name as a
means to leverage a recognizable brand to scam users into entering
confidential personal data. Adding certificates to these fake sites
furthers their similarity to the genuine sites they seek to mimic.
“As a member of the CA/Browser
Forum, Sectigo is committed to advancing internet security through
collaboration with other Certificate Authorities,” said Nick France, CTO
of SSL, Sectigo. “Sectigo’s sponsorship of Let’s Encrypt’s efforts to
bolster the CT ecosystem is another step in addressing the growing need
for certificate transparency tools. It’s an important example of how CAs
can work together to ensure the overall internet ecosystem is secure for
users and businesses worldwide.”
About Let’s Encrypt
Let’s Encrypt is a free, automated and open Certificate Authority
issuing digital certificates for website encryption. Let’s Encrypt is a
service provided by the Internet Security Research Group (ISRG), a
public benefit organization with a mission to reduce financial,
technological, and education barriers to secure communication over the
Internet. Let’s Encrypt helps secure over 150 million websites. For more
information or to offer your financial support, visit www.letsencrypt.org.
About Sectigo
Sectigo (formerly Comodo CA) provides web security products that help
customers protect, monitor, recover, and manage their web presence and
connected devices. As the largest commercial Certificate Authority
trusted by enterprises globally for more than 20 years, and more than
100 million SSL certificates issued in over 200 countries, Sectigo has
the proven performance and experience to meet the growing needs of
securing today’s digital landscape. For more information, visit www.sectigo.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190515005196/en/