Skip to main content

Mozilla specifies two-factor authentication for CAs

(0 comments)

The Mozilla team is cracking down on the lax security of certificate authorities.  They have sent an email to CAs requesting information confirming security practices including two-factor authentication:

3) Confirm that multi-factor authentication is required for all accounts
capable of directly causing certificate issuance.

This is a great effort by Mozilla. 

I also appreciate Moxie Marlinspike's efforts to change the SSL game with Convergence, but already Chrome has said they will not support it (shame!).  With Mozilla's effort, they can actually drive the market forward.  With 40% of the market, CAs will want to be in Mozilla's root CA program.  If they meet these requirements, there will be more security in the land, which is good.  There are still significant issues with SSL though and if you are relying on certificates and SSL for the security of a web app or an SSL-VPN, then I recommend you also consider some form of mutual https authentication.

 

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom