Service Desk 0300 300 2212

                                                             Return to Janet Certificate Service home page

 

Latest Janet Certificate Service news

 

May 2012 - IMPROVED SECURITY FEATURE FOR JANET'S CERTIFICATE CUSTOMERS IS ANNOUNCED - 16/05/2012

 

Following a number of high profile security breaches at several Certificate Authorities (CA) in recent years, popular web browsers from Mozilla, Microsoft and Google have called for improved security measures to be implemented prior to SSL certificates being issued.

 

In May 2011, Janet announced that the industry is introducing an additional security feature called Domain Control Validation (DCV) which will reduce the risk of Certificate Authorities issuing certificates to unverified users.

 

On 30 May 2012, the Janet DCV process will be integrated into the Certificate Service. DCV is an email challenge-response mechanism that verifies that the SSL certificate requester owns/controls the domain to be included in the certificate.

  

WHAT DOES THIS MEAN FOR YOU?

 

The certificate requester will be asked to select one address listed in the Registrant Contact (reg-c) field of the domain's WHOIS record, or from the list of five generic email addresses below:

 

admin@

administrator@

hostmaster@

postmaster@

webmaster@

 

You will receive an email with a unique code that you will need to enter into a webpage, before Comodo issues your certificate.

 

This process increases security around the issuance of SSL certificates and as this process is automated customers will find that certificates will be issued much quicker than currently.

 

 

NEXT STEPS

 

Time to get ready - if you are due to apply for new certificates after 30 May 2012, you may need to clarify which generic email address can be used to receive the codes within your organisation.

 

Please note that this change will only apply to applications for new certificates. Existing certificates will not be affected by this change.

 

For further information, including the list of generic email addresses, please visit:

http://www.ja.net/services/jcs/dcv.html

or email the Janet Service Desk with any questions, at tag@ja.net

 

September 2011 - The Janet Certificate Service extends its reach to schools

Local authorities and Regional Broadband Consortia can now obtain SSL server certificates for schools within their authority.

After a successful pilot earlier this year, the Certificate Service has now been modified enabling local authorities and RBCs, across England, Wales and Scotland to obtain certificates through the service portal for .sch.uk domains.

In order to request certificates for school domains, the authority must subscribe to the Certificate Service. Once a member, you can request that schools within your catchment area are added to your account enabling the new school facility to be activated.

These server certificates are free to all organisations registered with the Certificate Service; the service has issued over 12,000 certificates to the research and education community in under 2 years, enabled savings of more than £1.5m to UK education and research

To find out more, please visit: www.ja.net/services/jcs/schoolextension.html

 

- May 2011 - Domain Control Validation proposal - 05/05/11 -

In response to the Comodo incident in March (as reported below), popular web browsers, such as those provided by Mozilla and Microsoft, are now requesting that Comdo introduce additional security procedures before certificates can be issued and service resumed to normal.

The extra security step is called Domain Control Validation (DCV) and requires the certificate requester to select an email address (from a list of generic email accounts based on the Fully Qualified Domain Name) to which a validation code is sent. The code must then be entered into an area on the CA’s website, before the certificate can be downloaded.

This type of additional security step is already implemented by some Certificate Authorities and could be ratified making it an industry-wide requirement. JANET(UK) is currently liaising with Comodo and we will keep all subscribers of the Janet Certificate Service updated with progress in this area.

For further information on the security proposal see http://www.ja.net/services/jcs/dcv.html

 

- March 2011 - last updated 31/03/11

There has been some coverage in the news over the blacklisting of certain SSL certificates issued by Comodo. An account belonging to a single reseller was compromised, and a limited number of certificates were falsely issued for high profile sites. More details are available from Comodo, Microsoft and Mozilla.

As a result of this incident, Comodo is implementing changes to their systems which are likely to cause up to 24 hours delay when processing certificate requests. Further information will be posted here when that changes.

All existing certificates issued through the Janet Certificate Service have not been affected in any way.

For further information please contact the Janet Service Desk, tag@ja.net

 

 

 

 

 

Privacy Policy | Web Admin
JANET(UK), Lumen House, Library Avenue
Harwell Oxford, Didcot, Oxfordshire
OX11 0SG