About Thawte

News

OCSP stapling procedures increase network security and speed

Cybercriminals are becoming more sophisticated with each passing year. Law enforcement and website security experts are constantly trying to protect sensitive data, but sometimes it can seem as if hackers will simply outflank network defenses. With the grave implications a massive data breach within certain sectors both public and private would have for the nation, internet security is an issue that concerns everyone. Several competing certificate authorities have recently come together in order to promote better safety protocols, particularly wider implementation of Online Certificate Protocol (OCSP) stapling.

The recently formed Certificate Authority Security Council, devoted to implementing better SSL practices among network administrators and browser developers, has made its initial goal to promote the wider adoption of OCSP stapling procedures. This fail-safe process, which is currently widely available, allows clients to check the authenticity of an SSL certificate in real time. However, the modern iteration of the internet has generally valued convenience and connection speed over security. For instance, some browsers will simply accept a certificate if the OCSP validation request fails because of a network issue, potentially opening the door for invalid or expired certificates to pass through revocation checks. OCSP stapling would counter this vulnerability by periodically updating the web server with a cache of valid certificates. Instead of waiting for the server to contact the certificate authority, the browser will immediately have the information needed to verify the legitimacy of a certificate.

In addition, implementing OCSP stapling measures would decrease the time needed to process authentication requests. Since servers would no longer need to connect to certificate authorities anytime a verification was needed, the authentication process would take less time to complete. According to one industry provider, implementing OCSP stapling protocols could increase HTTPS performance by 30 percent. Faster internet connections are always appreciated, but the real promise of OCSP stapling is its ability to facilitate the defense of networks through SSL encryption.

Protect your sensitive data today by getting your SSL certificate.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?