Sponsor for PC Pals Forum

Author Topic: Microsoft to kill weak web certificates  (Read 2291 times)

Online Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Microsoft to kill weak web certificates
« on: September 10, 2012, 21:17 »
Website owners need to check and update their SSL certificates in order to avoid being shown as a security risk ahead of an upcoming security clampdown by Microsoft.

The warning comes ahead of a 9 October update that will address the strength of digital certificates used to authenticate sites and services, with shorter 512-bit encrypted keys no longer valid and blocked by Internet Explorer.

The issue was partially addressed in August, with an optional patch in Security Advisory 2661254, following a series of security issues caused by certificate flaws. Now, Microsoft will make the stricter rules on encryption key length apply across the board next month, with some older certificates no longer showing as being from a trusted site.

"Internet Explorer will show a warning similar to the one you would get for other SSL inconsistencies such as a 'Certificate not signed by an approved Certificate Authority'," said Wolfgang Kandek, CTO of security company Qualys. "There are also other possible impacts in email."

According to Kandek, the issue is likely to be limited to relatively few certificates, but the impact on those sites will be significant.

Read more: http://www.pcpro.co.uk/news/376822/microsoft-to-kill-weak-web-certificates#ixzz266G308jz
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft to kill weak web certificates
« Reply #1 on: September 11, 2012, 08:20 »
The funeral service will be held at... ;)
Slainthe!

Rik

Online Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft to kill weak web certificates
« Reply #2 on: September 11, 2012, 11:34 »
Surely, if it restricts use of websites in IE, people will just move to other browsers.  The average punter won't care about certificates. 
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft to kill weak web certificates
« Reply #3 on: September 11, 2012, 12:37 »
A bit like the average employer.
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Microsoft to kill weak web certificates
« Reply #4 on: October 23, 2012, 22:06 »
I bet a bunch of M$ sites will go down!
- sam | @starrydude --

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Microsoft to kill weak web certificates
« Reply #5 on: October 23, 2012, 22:22 »
 :pmsl:

Online Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft to kill weak web certificates
« Reply #6 on: October 23, 2012, 22:33 »
 :)x
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:


Show unread posts since last visit.
Sponsor for PC Pals Forum