GlobalSign SSL & EV SSL Certificates not susceptible to latest SSL vulnerabilities
The number one Null Personality attack, as highlighted by security analyst Moxie Marlinspike, permits assailants to fool browsers into believing an issued Certificate could be used on a domain to which it’s not really been issued. This attack could allegedly be utilized in phishing and masquerading attacks. GlobalSign Certificates don’t permit the / nil personality to be utilized in applications, and therefore GlobalSign SSL Certificates are not at the mercy of this kind of attack.
Dan Kaminsky, director of penetration testing for IOActive, presented that Certificates using the Message Digest Algorithm two ( MD2 ) might be subject to pre-image attacks shortly. GlobalSign Certificates have not utilized the MD2 algorithm and have been using the SHA-1 algorithm for a number of years, an algorithm designed by the nation’s Security Agency ( NSA ) and generally accepted by industry and Presidency as secure.
This is one of the longest uses of SHA-1 by any major Certificate Authority. So again, GlobalSign SSL isn’t subject to this weakness. “GlobalSign has been issuing Certificates to supply the strongest SSL security since 1996, and we were one of the first Certificate Authorities to have the foresight to form and distribute a 2048 bit Root Certificate, “asserts Steve Waite, Promoting Director with GlobalSign, “the fact that we already protect against these new weaknesss, as well as provide further assurances against future attacks with 2048 bit Root Certificates and free SGC security re-enforces our 12 year-plus dedication to providing the strongest SSL security for our customers.
Established in 1996 and as a WebTrust accredited public certificate authority, GlobalSign offers publicly trusted SSL, including EV SSL Certificates, S/MIME and Code Signing Certificates for use on all platforms including mobile devices. Its Trusted Root solution uses the widely distributed GlobalSign Root CA certificates to provide immediate PKI trust for Microsoft CA and enterprise CAs, eliminating the costs associated with using untrusted Root Certificates. Its partnership with Adobe to provide Certified Document Services (CDS) enables secure digitally signed PDF e-documents. These core Digital Certificate solutions allow its thousands of customers to conduct secure online transactions and data transfer, distribute tamper-proof code, and bind identities to client certificates for email security and remote two factor authentication. The company has a history of innovation within the online security market and has offices in the US, UK, Belgium, Japan, and China.