証明書透明性

証明書透明性 (証明書)

[1] RFC 6962 - Certificate Transparency ( 版) https://tools.ietf.org/html/rfc6962

[2] RFC Errata Report ( 版) http://www.rfc-editor.org/errata_search.php?rfc=6962

[4] Certificate Transparency - The Chromium Projects ( 版) http://www.chromium.org/Home/chromium-security/certificate-transparency

[5] Improving the Security of EV Certificates ( 版) https://a77db9aa-a-7b23c8ea-s-sites.googlegroups.com/a/chromium.org/dev/Home/chromium-security/root-ca-policy/EVCTPlanDec2014edition.pdf?attachauth=ANoY7creQdl_nw3iooZHI19S3GfajdGlpsHpHhzW38dGOMtVKKJw5TBOtXuvSpXK91JOYJ_P2cEO4kbgfDeO52Jp3-tZ4L3cUeWRaunQ8666LJQ3BfO2z3ip6fye2GfWGAhgZGjF9I9Ia7S6oo1ZhsklwE3CHZf9YjqLqogX0T_sSUWQbb5oOJPeykh0OVGliBTboZSeUk0vdzoySQeVuPE00phXTnk-igsLD0xO9o_nP_Q5hZw3gWt8OFMgxDGTWhQRAHFkymILyFYEn9ES5gqCKjT4VKPjGQ%3D%3D&attredirects=0

[6] Google Online Security Blog: Maintaining digital certificate security ( 版) http://googleonlinesecurity.blogspot.jp/2015/03/maintaining-digital-certificate-security.html

[7] Certificate Transparency ( 版) https://www.certificate-transparency.org/

[3] Chromium Blog: Chrome 53 Beta: Shadow DOM, PaymentRequest, and Android autoplay ( ()) http://blog.chromium.org/2016/08/chrome-53-beta-shadow-dom.html

Due to recent security issues, new certificates issued by Symantec Corporation or by CAs that chain to Symantec Corporation will no longer be trusted in Chrome unless accompanied with Certificate Transparency information.

[8] Certificate Transparencyについて勉強会で発表したので、その補足や落ち穂拾い - ろば電子が詰まっている () http://d.hatena.ne.jp/ozuma/20150516/1431769141

[9] WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued | The Daily Swig, https://portswigger.net/daily-swig/wordpress-sites-getting-hacked-within-seconds-of-tls-certificates-being-issued