Xolphin News RSS

Limitation of the duration of SMIME certificates cancelled

3 February 2022

In October last year it was announced that at the initiative of Apple, the validity term of S/MIME certificates would be limited to 2 years from April 1 this year.It now appears that the maximum permitted validity term is 3 years. This can be deduced from Apple's new guidelines for S/MIME certificates that will come into ...

Read more

OU fields deprecated in Sectigo certificates as of 1 July

26 January 2022

As of July 1, 2022, Sectigo will stop using the OU fields in its certificates. This change is the result of a policy change by the CA/Browserforum, which no longer allows the use of the OU field in its guidelines as of September 1, 2022. What is the OU field? OU stands for Organizational Unit, this is a field ...

Read more

Limitation validity term SMIME certificates

27 October 2021

After previous limitations in the validity term of SSL certificates, the validity term of e-mail or S/MIME certificates is now also limited to two years. S/MIME certificates are used for email signing and encryption, as well as for client authentication and signing Office documents. What exactly will change? Apple has announced a change in the term of ...

Read more

QWAC now also available at Xolphin

27 October 2021

From now on you can request eIDAS Qualified Website Authentication Certificates, in short QWAC, from Xolphin. These SSL certificates provide very reliable authentication of natural persons and organizations. In addition to TLS encryption, QWACs provide optimal certainty that behind a website or server is a natural or legal person who can be identified with reliable information. The issuer of the ...

Read more

PKIoverheid stops issuing publicly trusted SSL certificates

5 October 2021

At the beginning of August this year, Logius, the ICT management organization of the Dutch government, announced that it would stop offering publicly trusted SSL certificates by this year. These certificates are used by government organizations, but also, for example, in healthcare and by energy companies and transporters, for website identification and setting up a secure TLS connection. What is ...

Read more

Changes in Domain Control Validation procedure

1 September 2021

Changes to domain validation have been announced, which will take effect before the end of this year. This concerns changes in the file validation. This change is only relevant if you use file validation as the method for Domain Control Validation to request SSL certificates. What is Domain Control Validation? Domain Control Validation (DCV) is the process by which a ...

Read more

Google starts experimenting with removing padlock in Chrome browser

11 August 2021

Following the previous changes to the display of HTTPS in Chrome and other browsers, Google is now going a step further in Chrome: phasing out the well-known padlock in the address bar on secure websites. What is the cause? A secure HTTPS connection is now indicated in all browsers by a lock icon in the address bar. Research by ...

Read more

Increased key length code signing certificates from June 1

7 May 2021

The CA / Browser forum has tightened the requirements for code signing certificates. From June 1, 2021, a minimum key size of 3072 bits is required. At the moment the minimum key size is 2048 bits. The reason for this is to improve security in order to be better prepared for future technological progress that enables extra computing power. In this ...

Read more

Vulnerabilities found in OpenSSL

1 April 2021

In OpenSSL, frequently used software for setting up HTTPS connections, two vulnerabilities have recently been found that can lead to reduced accessibility of websites. Do you use OpenSSL? Check your OpenSSL version so that you can update quickly if necessary. What exactly is going on? An example proof-of-concept exploit was published on the widely used platform Github at ...

Read more

point up