SSL

Two factor options

11 September 2014 at 8:03pm

In some online services specific functions to be carried out present good use cases for adding increased assurance to the authentication of the user logging in to perform such a task, for example to sign domains with DNSSEC or for the approval of Extended Validation SSL certificate requests.

OU Field Update

Andrew Simpson

11 August 2020 at 9:39am

SSL

Certificate Service

Organization Unit

Please see further update from QuoVadis on the OU field Issue: Retiring the OU field for public TLS/SSL QuoVadis will turn off the Organizational Unit (OU) field for all new public TLS/SSL certificates starting on August 31, 2020 at 00:59. This will affect new, reissued, and renewed certificates. Existing certificates with OUs are not affected (and do not require revocation or replacement).

FAQ for change to domain validation process

Andrew Simpson

21 September 2018 at 10:46am

WE ENCOURAGE CUSTOMERS TO VALIDATE DOMAINS IN ADVANCE TO AVOID POSSIBLE LENGTHY DELAYS IN PROCESSING CERTIFICATE REQUESTS Q1) What is the change? From 1 August, new industry regulation states that Certificate Authorities (CAs) must no longer rely on checking a public WHOIS record to validate domain ownership. Instead, customers requesting a certificate must demonstrate a ‘positive interaction’ to show they have control over/ownership of the domain to be used in a certificate.

S/MIME Certificates For Digitally Signing Emails

Simon Cooper

13 February 2018 at 2:34pm

We're pleased to announce that from today the service can provide end user certificates, which are used for digitally signing and encrypting emails. These are called S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates. S/MIME are installed on email clients which then enable the end user to send digitally signed emails, giving recipients assurances that the email originated from the sender's account. By signing emails, recipients can also have confidence that the contents of the email has been been altered in transit.

Request S/MIME Certificate

Simon Cooper

Monday, January 23, 2017 - 16:13

Once you have the appropriate certificate credit on your organisation's Certificate Service account, you can proceed and request the required S/MIME email certificate, by clicking on the 'Request Certificate' tab in the JCS portal. The following steps apply: Request Certificate 1. Is the certificate for a primary or secondary school? Note: S/MIME certificates are not available for school owned domains.

Sub-LRA Agreement

Simon Cooper

Wednesday, November 25, 2015 - 09:58

The Jisc's Certificate Service's Terms and Conditions (found here https://community.jisc.ac.uk/library/janet-services-documentation/jcs-terms-and-conditions) includes a Sub-Local Registration Authority agreement. This is an agreement between the organisation as a member of the Certificate Service and Jisc, which is required as part of the service supported by QuoVadis CA, as the Certificate Authority signing issued certificates.

22 December 2014 at 12:07pm

Protecting Users and Systems in 2015

The steady growth in the use of encrypted communications seems likely to increase next year given recent announcements on both web browsers and servers. That's good news for security people worried that their users may be sending sensitive information such as passwords and credit card numbers over the Internet.

SHA-1 and Google Chrome

Simon Cooper

20 November 2014 at 4:56pm

SHA-1 and Google Chrome: 20 November 2014 On 18 November Google released Chrome 39 which will now result in users visiting web services secured with SHA-1 certificates that expire in 2017 being shown a grey padlock with a yellow warning triangle, instead of the usual recognisable green padlock.

SHA-256 service announcement

Simon Cooper

30 March 2015 at 1:32pm

Availability of SHA-256 certificates: 14 October 2014We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.