-
Certificate Management
-
What is Certificate Lifecycle Management?
-
How are Digital Certificates Managed?
-
What are the Five Stages in the Certificate Lifecycle?
-
What is a Certificate Manager?
-
Who Manages TLS/SSL Certificates in an Organization?
-
When Do You Need Certificate Management?
-
What are the Different Types of Public Certificates That Need to be Managed?
-
How Do You Identify Or Locate Public TLS/SSL Certificates Issued For Your Domains?
-
How Do You Automate Certificate Management?
-
-
Certificate Transparency
-
What is Certificate Transparency?
-
How does Certificate Transparency Work?
-
How do CAs Deliver CT Log Proofs?
-
What is the Status of Certificate Transparency (CT) Support for Logs, Browsers and CAs?
-
-
Code Signing Trust
-
What is Code Signing?
-
What are Code Signing Certificates?
-
What are the Different Types of Code Signing Certificates?
-
What Role Does PKI Play in Code Signing?
-
Can we Automate Code Signing?
-
What are Code Signing Best Practices?
-
What is Continuous Code Signing for CI/CD?
-
What is Continuous Code Signing for DevSecOps?
-
How do you Create and Enforce an Effective Code Signing Policy?
-
How do you Purchase a Code Signing Certificate?
-
-
Compliance
-
What is Compliance?
-
What is a Certificate Authority (CA)?
-
What is the Accredited Standards Committee X9 (ASC X9) and the International Organization for Standardization (ISO)?
-
What is the Certification Authority/Browser Forum (CA/B Forum)?
-
What is the Internet Engineering Task Force (IETF)?
-
What is the National Institute of Standards and Technology (NIST)?
-
What is the National Cybersecurity Center of Excellence (NCCoE)?
-
-
Cryptography
-
What is Cryptography or a Cryptographic Algorithm?
-
What is Public Key Cryptography?
-
What is SSL Cryptography?
-
What are Public-Key Encryption Algorithms?
-
What is RSA Cryptography?
-
What is Elliptic Curve Cryptography?
-
What are Pre-Shared Key Encryption Algorithms?
-
How Does a Public/Private Key Pair Work?
-
What is Post-Quantum Cryptography?
-
-
Domain Name Systems
-
What is DNS?
-
How does DNS lookup work?
-
What are DNS records?
-
What is my IP address?
-
What's the difference between recursive and authoritative DNS?
-
What is primary DNS?
-
What is dynamic DNS?
-
What is DNS propagation?
-
What is TLD?
-
What is TTL?
-
What is a TXT record?
-
What is an MX record?
-
How do you flush a DNS cache?
-
-
Email Trust
-
What is a Verified Mark Certificate (VMC)?
-
What Steps are Required to get a Verified Mark Certificate (VMC)?
-
What is DMARC?
-
What is BIMI and why is it important?
-
What is S/MIME or Encrypted Email?
-
What are Client Certificates?
-
-
-
What is Identity Trust?
-
How do Enterprises use PKI Every Day?
-
What is Private PKI vs. Public PKI?
-
-
-
What is the Open Connectivity Foundation (OCF)?
-
What is the PCI SSC?
-
How does AeroMACs and WiMax use PKI to ensure trust?
-
How does CableLabs use PKI to ensure trust?
-
How does Common Interface Plus use PKI to ensure trust?
-
What is the SAE?
-
What is the National Emergency Number Association?
-
What is the USB Implementers Forum?
-
What is the WInnForum?
-
What is the ZigBee Alliance?
-
What is Project CHIP?
-
-
IoT/Device Trust
-
What is the Internet of Things (IoT)?
-
What is IoT Device Identity Lifecycle Management?
-
What is the DigiCert IoT Trust Manager?
-
Why is IoT Device Management Important?
-
-
Public Trust and Certificates
-
What is SSL?
-
What is a Digital Certificate?
-
What is an Extended Validation (EV) SSL Certificate?
-
What is a Wildcard Certificate?
-
What is a Qualified Certificate?
-
What is a Verified Mark Certificate (VMC)?
-
What are the Validation Methods for TLS/SSL Certificates?
-
How Long are TLS/SSL Certificate Validity Periods?
-
What are Site Seals or Trust Marks?
-
What are CT Logs?
-
How do I Order a TLS/SSL Certificate?
-
How do I Install a TLS/SSL Certificate?
-
How do I Renew a TLS/SSL Certificate?
-
What is a TLS/SSL Handshake?
-
What’s the Difference Between Client Certificates vs. Server Certificates?
-
Are DigiCert TLS/SSL Certificates Compatible with my Browser?
-
What is a Multi-Domain (SAN) Certificate?
-
What is the DigiCert 30-day Money Back Guarantee?
-
-
Secure Signatures
-
What is an Electronic Signature?
-
What is a Digital Signature?
-
What's the Difference Between an Electronic Signature and Digital Signature?
-
What are the Levels of Assurance for Digital Signatures?
-
Which Type of Digital Signature Do I Need?
-
What is an Electronic Seal or eSeal?
-
What is an Electronic Timestamp?
-
How do I Verify my Identity to Sign a Document?
-
What is eIDAS?
-
What is a Qualified Electronic Signature?
-
Which Industries Benefit From Secure Signatures?
-
What is the European Technical Standard Institute (ETSI)?
-
What is a Trust Services Provider?
-
What is the Cloud Signature Consortium?
-
What is Identity Proofing?
-
Does DigiCert Work With Adobe?
-
-
SHA-2
-
Why Migrate to SHA-2 TLS/SSL Certificates?
-
Moving SHA-1 Certificates to the SHA-2 Hashing Algorithm
-
Are there compatibility issues with SHA-2?
-
SHA-2 FAQ
-
-
Subscriptions
-
How do subscriptions work?
-
What am I subscribing to?
-
What are the benefits to me as a customer?
-
What are the payment and subscription terms?
-
How do I cancel?
-
-
Trust and PKI
-
What is Digital Trust?
-
What is Public Trust?
-
What is Managed PKI?
-
What are PKI Certificate Types?
-
What is the PKI Certificate Validation Process?
-
Why is PKI Important and How Does it Increase Trust?
-
What is a Digital Certificate and Why are Digital Certificates Important?
-
Will DigiCert Digital Certificates Work With my Servers?
-
What is PKI as a Service?
-
-
Vulnerability Management
-
What is Crypto-Agility?
-
What is Always-On SSL?
-
What is a Vulnerability Assessment Scan?
-
What is a PCI Scanning Service?
-
What is a Blocklist Check?
-
What is Certificate Automation?
-
What is a Certificate Discovery Service?
-
What is the Difference Between Viruses, Worms and Trojan Horses?
-
What is Malware, Viruses, Spyware and Cookies?
-
What is HTTPS Everywhere?
-
What is cryptography or a cryptographic algorithm?
Cryptography involves the practice of encrypting and decrypting information to ensure it is kept private and secure from unintended parties. Cryptography was first used in about 1900 BC in Ancient Egypt with substituted hieroglyphics to secure communication. A cryptographic algorithm is the mathematical equation used to scramble the plain text and make it unreadable. They are used for data encryption, authentication and digital signatures.
There are three types of cryptography:
- Symmetric-key cryptography - Both sender and receiver share a single key and the sender uses this key to encrypt plaintext. The cipher text is sent to the receiver, and the receiver can apply this same key to decrypt the message and recover the plain text from the sender.
- Public-key or asymmetric cryptography –In public key cryptography (PKI), also known as asymmetric cryptography, there are two related keys called the public and private key. While the public key may be freely distributed, the paired private key must remain confidential. The public key is used for encryption and the private key is used for decryption.
The most used asymmetric cryptography algorithms are RSA and ECC. TLS/SSL certificates frequently use RSA keys, and the recommended size of these keys is continually increasing (e.g.1024 bit to 2048 bit) to maintain sufficient cryptographic strength. An alternative to RSA is ECC, which can offer the same level of cryptographic strength at much smaller key sizes, offering improved security with reduced computational and storage requirements.
- Hash-function – No key is used in this algorithm, but a fixed-length value is calculated from the plaintext, which makes it impossible for the contents of the plaintext to be recovered. Hash functions are often used by computer systems to encrypt passwords. A popular hash algorithm is 256-SHA.