RCS - GlobalSign - GlobalSign Advises Businesses to Be Prepared

FatfishAnnouncement

20/06/2023 10:15

For best results when printing this announcement, please click on link below:
http://newsfile.refinitiv.com/getnewsfile/v1/story?guid=urn:newsml:reuters.com:20230620:nRST2792Da&default-theme=true

RNS Number : 2792D  GlobalSign  20 June 2023

A leading Certificate Authority alerts industries about upcoming multiple cyber security developments in a market relied upon by millions of organizations worldwide

BOSTON, MA and LONDON, UK / ACCESSWIRE / June 20, 2023 / Later this year, and
into 2024, there will be significant changes within the Public Key
Infrastructure (PKI) marketplace and organizations of all types should be
aware of these changes according to GMO GlobalSign, Inc
(https://pr.report/tQ9fsjKV) ., a global Certificate Authority (CA) and
leading provider of identity security, digital signing and IoT solutions.These
significant changes involve several critical areas: Google's move to reduce
the lifespan of SSL/TLS certificates, new CA/Browser Forum Baseline
Requirements for email security, and mandatory Root changes issued by Mozilla.
The upcoming changes will create significant impact on industries who are
using PKI - relied on millions of businesses worldwide. These shifts will
require companies to adapt their PKI to ensure continued security compliance.

Transition to 90-Day SSL/TLS Certificates

Organizations relying on PKI need to be informed of Google's announcement on
March 3 (https://pr.report/qP015sCl) , proposing a mandatory maximum validity
limit of 90 days (https://pr.report/GZvsDgh3) on SSL/TLS certificates. The
current lifecycle of SSL/TLS certificates is 398 days. Companies are strongly
advised to evaluate their certificate lifecycle processes now and be prepared
for these changes to remain secure. These developments may force businesses to
restructure their IT Infrastructure and have new technologies in place,
specifically automation to ensure continued certificate lifecycle management.

"Website admins will need to move towards automation if/when the Google
proposed 90-day maximum certificate validity and domain re-use goes into
effect. It's going to become increasingly difficult to replace certificates
using manually generated CSRs and subsequent certificate installations as the
validity period and domain revalidation periods shorten," said Doug Beattie,
Vice President, Product Management, GlobalSign. "Technologies such as
GlobalSign's ACME offering helps automate certificate lifecycle functions and
reassures certificates are being automatically replaced using fully automated
processes before they expire. This keeps companies secure and prevents their
websites from using expired certificates which results in loss of business."

S/MIME Baseline Requirements Changes

In January, the CA/B Forum (https://pr.report/TCfIBXDg) , a consortium of
browser makers, certificate authorities, and other organizations in the
digital certificate ecosystem, agreed on a new set of standards called the
"Baseline Requirements for the Issuance and Management of Publicly-Trusted
S/MIME Certificates (https://pr.report/UXY-wfas) " to provide the detailed
industry requirements for S/MIME certificates. The new standards result in a
change that will be effective on September 1. This will mean standardized
certificate profiles which will require additional organizational or
individual validation and, in some cases, CAs will need to replace their
current S/MIME CAs with new, compliant ones. Having an industry standard for
S/MIME (https://pr.report/UWIhwaGj) certificates improves interoperability and
security and parallels what's been done for TLS and Code Signing certificates.

Mozilla Plans to Distrust Old Root Certificates

Mozilla has announced plans to remove the SSL/TLS and S/MIME trust bits in
Roots when they are 15 and 18 years old respectively. The step is being taken
because some of the older Roots do not meet current Root requirements and to
promote cryptographic agility. The GlobalSign Root R1 and R3 will have their
SSL/TLS trust bits removed in April 2025 and April 2027 respectively. As a
result, we will stop issuing SSL/TLS certificates under these Roots in 2024
and 2026. Further details about GlobalSign's plans will be available later
this year.

Experience, Knowledge and Reliability

With 27 years of expertise GlobalSign is your reliable source for
recommendations, regardless of an organization's size, on how best to navigate
these significant industry changes. Given that companies using PKI do not have
any choice in the changes being made to public certificates, it is a critical
for businesses to adjust their PKI security and automation posture as soon as
possible to remain resilient.

Beattie added: "We understand the worries these changes create, especially
with smaller companies. But there is a silver lining: At GlobalSign, we are
prepared to take every customer step-by-step on this journey and they can be
assured we will equipe them with the methods and services it requires whether
they are an enterprise, SMB or Service Provider. That way it allows every
business to operate in a similar way in the future, to how they do business
today without the impact of these changes being so dramatic."

About GMO GlobalSign

As one of the world's most deeply-rooted certificate authorities, GMO
GlobalSign is the leading provider of trusted identity and security solutions
enabling businesses, large enterprises, cloud-based service providers, and IoT
innovators worldwide to conduct secure online communications, manage millions
of verified digital identities and automate authentication and encryption. Its
high-scale Public Key Infrastructure (PKI) and identity solutions support the
billions of services, devices, people, and things comprising the IoT. GMO
GlobalSign is a subsidiary of GMO GlobalSign Holdings
(https://pr.report/wdPQvUHO) , Inc, a member of the Japan-based GMO Internet
Group (https://pr.report/WPYkNts7) , and has offices in the Americas, Europe
and Asia. For more information, visit https://www.globalsign.com.
(https://pr.report/2wODSGfv)

Media Relations Contact

Amy Krigman,

Director of Public Relations, West Region
amy.krigman@globalsign.com (mailto:Amy.krigman@globalsign.com)

SOURCE: GlobalSign

 

This information is provided by Reach, the non-regulatory press release distribution service of RNS, part of the London Stock Exchange. Terms and conditions relating to the use and distribution of this information may apply. For further information, please contact
rns@lseg.com (mailto:rns@lseg.com)
 or visit
www.rns.com (http://www.rns.com/)
.

RNS may use your IP address to confirm compliance with the terms and conditions, to analyse how you engage with the information contained in this communication, and to share such analysis on an anonymised basis with others as part of our commercial services. For further information about how RNS and the London Stock Exchange use the personal data you provide us, please see our
Privacy Policy (https://www.lseg.com/privacy-and-cookie-policy)
.   END  NRAFIFVVRDIIFIV