Google and its war for the safety of SSL certificates
The Comodo issue, which was stolen 9 numeric certificates of popular domains, motivates Google to strengthen the safety of its numeric certificates.
Google wants to protect itself from safety risks when it comes to the SSL certificates, the usurpation of which can deceive the user who nevertheless made sure of the authenticity of the site which he visits thanks to this «numeric passport “. The Comodo issue, the American supplier of numeric certificates shows it. Comodo was stolen 9 SSL certificates for domains in touch with Microsoft, Google, Yahoo, Mozilla or Skype. Google thus decided to strengthen the integrity of its Secure Sockets Layer certificates.
On the Google blog Online Security, Ben Laurie, chief engineer to Google, reveals two new projects intended in particular to avoid future incidents concerning the management of his numeric certificates. Google is ready to establish so an on-line catalog for SSL certificates. Ben Laurie explains that Google is going to use its software of Web exploration to examine sites and collect certain number of information on their certificates of safety.
Google plans then to integrate this information to the Google Certificate Catalog, a database of SSL certificates for the connections, allowing verifying the authenticity of the numeric certificates. Google also plans to collaborate with the workgroup DNS-based authentification of Names Entries (DANE), who elaborates a platform allowing to specify and to validate the signature of SSL certificates.
What a SSL certificate is HERE