Today, Symantec announced it is expanding support for Certificate Transparency to all SSL/TLS certificate types and customer channels, a key piece of the puzzle in providing customers globally with strong certificate management capabilities.
Certificate Transparency (CT) is an open framework that was created to help organizations get a comprehensive view of what active certificates exist for domains that they own. It’s extremely critical that organizations have a clear and complete view of these certificates to enable straightforward policy enforcement and to be able to quickly respond to threats like man-in-the-middle attacks.
As announced previously, we first added support for Certificate Transparency to all Symantec, Thawte, and GeoTrust Extended Validation (EV) certificate offerings in December 2014. As a next step in CT, we have now expanded support to our Organization Validation (OV) products under each of these brands and will be adding support for all of our Domain Validated (DV) products in late February 2016. CT Support will be rolled out in its entirety by mid-March when it will also be added to our Japan-specific platforms.
For Certificate Transparency to be truly effective, logging of certificates needs to be done by all Certification Authorities (CAs) for all publicly-trusted certificates. Symantec has started the dialog with the other key players in the SSL/TLS ecosystem to make CT support a requirement of the CA/Browser Forum Baseline Requirements. Further, to increase the adoption of Certificate Transparency and to make it easier for other CAs to support CT, Symantec now allows third party CAs to log their SSL/TLS certificates to Symantec’s CT servers as well.
Symantec is focused on continually strengthening certificate management and controls for our customers and within the SSL/TLS certificate ecosystem. Learn more about these latest improvements in Certificate Transparency.