DigiCert

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Template:Short description Template:Advert Script error: No such module "Unsubst".Script error: No such module "Infobox".Script error: No such module "Check for conflicting parameters".Script error: No such module "Check for unknown parameters". DigiCert, Inc. is a digital security company headquartered in Lehi, Utah.[1] DigiCert provides public key infrastructure (PKI) and validation required for issuing digital certificates or TLS/SSL certificates, acting as a certificate authority (CA).

History

File:Firefox 89 AboutCertificate screenshot.png
Example of a DigiCert issued wildcard certificate for *.wikipedia.org

DigiCert was founded by Ken Bretschneider in 2003 and sold in 2012.[2][3][4] Bretschneider stepped down from the position of CEO to retain business strategy oversight as executive board chairman while Nicholas Hales became CEO.[5][6] In 2016, the company named John Merrill CEO,[7] who left the company in 2022.[8]

In 2005, DigiCert became a founding member of the CA/Browser Forum.[9]

In 2007, DigiCert partnered with Microsoft to develop the industry's first multi-domain (SAN) certificate.[10]

In 2015, DigiCert acquired the CyberTrust Enterprise SSL business from Verizon Enterprise Solutions. Following the acquisition, DigiCert expanded its market share in high-assurance or extended validation (EV) TLS/SSL certificates(EV) TLS/SSL certificates.[11]

On August 28, 2015, private equity firm Thoma Bravo acquired a majority stake in DigiCert, with TA Associates holding a minority share.[12]

In 2017, DigiCert acquired the TLS/SSL and PKI businesses from Symantec, including brands GeoTrust, Rapid SSL (part of GeoTrust), Thawte and Verisign[13] The acquisition resulted from questions first raised in 2015 by web browsers Google and Mozilla about the authenticity of certificates issued by Symantec, which represented one-third of all TLS/SSL certificates on the web.[14][15] In September 2017, Google and Mozilla announced they would "reduce, and ultimately remove, trust in Symantec's Root Keys in order to uphold user's security and privacy when browsing the web".

The final distrust deadline for certificates chaining to Symantec roots was set for October 2018.[16] Symantec agreed to transfer its certificate business to its top TLS/SSL competitor, DigiCert, whose roots were trusted by browsers.[17] In December 2017, DigiCert began issuing free replacements for all distrusted certificates from Symantec, GeoTrust, RapidSSL, Thawte, and VeriSign. By Oct. 2018, the company had revalidated more than 550,000 organizational identities and issued more than 5 million replacement certificates for affected customers.[18]

In 2018, DigiCert acquired QuoVadis, a trust service provider (TSP) headquartered in Switzerland offering qualified digital certificates, PKI services, and PrimoSign electronic signature software.[19] Qualified digital certificates from QuoVadis (now backed by DigiCert) comply with eIDAS, a set of EU standards for electronic transactions requiring legal proof of authentication. The EU Payment Services Directive mandated that banks and other financial institutions operating in Europe begin using qualified digital certificates by Jun. 2019. According to DigiCert, "the QuoVadis acquisition aligns with the company's vision of providing globally dispersed and robust PKI-based solutions with local support."[20]

In 2019, the company announced a new R&D division called DigiCert Labs. DigiCert Labs will collaborate with other enterprise labs – including Microsoft Research, Utimaco, ISARA, and Gemalto – and make grants to universities for the study of topics related to authentication, data integrity, encryption and identity. Initial research projects will focus on post-quantum cryptography and machine learning.[21] In 2019, DigiCert also launched the first post-quantum computing tool kit.[22]

In 2019, Clearlake Capital Group, L.P., a leading private investment firm, and TA Associates, an existing investor, reached an agreement to make a strategic growth investment in DigiCert. As part of the transaction, Clearlake, and TA Associates become equal partners in the company.[23][24]

In January 2022, DigiCert acquired IoT security company Mocana.[25] In June 2022, the company acquired DNS Made Easy, a DNS services provider.[26]

On October 19, 2022, DigiCert named Dr. Amit Sinha as CEO and board member.[8] Amit had previously led technology and innovation at the cloud security company Zscaler the previous 12 years.

Industry involvement

DigiCert is involved in industry and regulatory groups and projects,[27][28][29] such as:

Criticism

DigiCert Inc. is not related to Digicert Sdn. Bhd, a Malaysian-based certification authority that issues certificates with weak keys and had its trust revoked by web browsers.[41][42][43]

DigiCert faced criticism during its 2017 acquisition of Symantec's certificate business. The acquisition was prompted by concerns from major web browsers about the authenticity of certificates issued by Symantec, leading to a reduction in trust for Symantec's root keys. DigiCert moved Symantec customers to its platform while maintaining the validity of existing certificates during the transition.[44]

In 2019, Google security researcher Scott Helme found approximately a million dollars worth of extended verification certificates that needed to be revoked due to faulty data, a significant portion of which were DigiCert certificates.[45][46]

In 2022, DigiCert was condemned by Scott Helme for pushing[47] QWAC scheme of certificate similar to EV certificates that undermined trust in certificates.[48][49][50]

References

<templatestyles src="Reflist/styles.css" />

  1. Script error: No such module "citation/CS1".
  2. Script error: No such module "citation/CS1".
  3. Script error: No such module "citation/CS1".
  4. Script error: No such module "citation/CS1".
  5. Script error: No such module "citation/CS1".
  6. Script error: No such module "citation/CS1".
  7. “DigiCert names CEO”. Daily Herald. Retrieved 2019-02-28.
  8. a b Script error: No such module "citation/CS1".
  9. a b Script error: No such module "citation/CS1".
  10. Script error: No such module "citation/CS1". Script error: No such module "Unsubst".
  11. “DigiCert Acquires Verizon Enterprise SSL Business”. DigiCert.com. Retrieved 2019-03-01.
  12. Script error: No such module "citation/CS1".
  13. Script error: No such module "citation/CS1".
  14. Script error: No such module "citation/CS1".
  15. Script error: No such module "citation/CS1".
  16. “Chrome’s Plan to Distrust Symantec Certificates”. Google. Retrieved 2019-03-05.
  17. "DigiCert Closes Acquisition of Symantec's Website SSL Security Unit". eWeek. Retrieved 2019-03-11.
  18. Script error: No such module "citation/CS1".
  19. Script error: No such module "citation/CS1".
  20. Barker, Sara. “DigiCert’s QuoVadis acquisition extends PKI expertise in Europe”. SecurityBrief EMEA. Retrieved 2019-03-05.
  21. Barker, Sara. “DigiCert Labs to research postquantum cryptography and ML”. SecurityBrief EMEA. Retrieved 2019-02-28.
  22. Script error: No such module "citation/CS1".
  23. Script error: No such module "citation/CS1".
  24. Script error: No such module "citation/CS1".
  25. Script error: No such module "citation/CS1".
  26. Script error: No such module "citation/CS1".
  27. Script error: No such module "citation/CS1".
  28. Script error: No such module "citation/CS1".
  29. Script error: No such module "citation/CS1".
  30. Script error: No such module "citation/CS1".
  31. Script error: No such module "citation/CS1".
  32. Script error: No such module "citation/CS1".
  33. Script error: No such module "citation/CS1".
  34. Script error: No such module "citation/CS1".
  35. https://www.digicert.com/content/dam/digicert/pdfs/ci-plus-tv-case-study.pdf Template:Bare URL PDF
  36. Script error: No such module "citation/CS1".
  37. Script error: No such module "citation/CS1".
  38. Script error: No such module "citation/CS1".
  39. Script error: No such module "citation/CS1".
  40. Script error: No such module "citation/CS1".
  41. Script error: No such module "citation/CS1".
  42. Revoking Trust in DigiCert Sdn. Bhd Intermediate Certificate Authority, Mozilla. "DigiCert Sdn. Bhd is a Malaysian subordinate CA under Entrust and Verizon (GTE CyberTrust). It bears no affiliation whatsoever with the US-based corporation DigiCert, Inc., which is a member of Mozilla's root program."
  43. Microsoft Security Advisory (2641690) "DigiCert Sdn. Bhd is not affiliated with the corporation DigiCert, Inc., which is a member of the Microsoft Root Certificate Program."
  44. Script error: No such module "citation/CS1".
  45. Script error: No such module "citation/CS1".
  46. Script error: No such module "citation/CS1".
  47. Script error: No such module "citation/CS1".
  48. Script error: No such module "citation/CS1".
  49. Script error: No such module "citation/CS1".
  50. Script error: No such module "citation/CS1".

Script error: No such module "Check for unknown parameters".

External links

  • Script error: No such module "Official website".Script error: No such module "Check for unknown parameters".
Retrieved from "http://debianws.lexgopc.com/wiki143/index.php?title=DigiCert&oldid=7966051"