
Certificate Reputation for website owners


SGT Oddball

Last year, we introduced a new mechanism that Microsoft is building to better protect you against fraudulent certificates on the Web. In this blog post, we are going to explain how we will enable the broader community of site owners to participate in detecting fraudulent certificates and protecting your sensitive personal information on the Internet.

Background

Certificate Reputation allows Microsoft to collect server certificate samples based on telemetry from Windows users and examine them to infer reputation data that helps us protect IE users from fraudulent sites. You can learn more about how certificate reputation works in our post, “Certificate reputation, a novel approach for protecting users from fraudulent certificates.”

More eyes on data allow for better analysis, but confidentiality is also important

In order to provide an opportunity for Web site owners to analyze this data, we are planning to start sharing our certificate samples with their respective domain administrators. Given the sensitivity of this data, only the owners of the Web sites for which the certificates were issued can see those certificates. This allows the people with the best sense of what's expected to participate in monitoring certificate reputation, while preserving the confidentiality of the individual Web sites.

How will it work?

To see the list of certificates associated with a site, the administrator needs to have an account with the Bing Webmaster Tools and to prove that they own that domain name (as described here). After that, the list of certificates associated with the Web site will be available on the Bing Webmaster Tools dashboard and the administrator can download them for further investigation.

How does this help protect me?

Web site administrators are the best entities to decide on the authenticity of certificates reported under their name. If a certificate is not issued correctly (or is fraudulent), the administrator can report it back to Microsoft via the Bing Webmaster Tools so that Microsoft can take appropriate actions, including involving the issuing CA for that certificate or informing other browsers.

Certificate Reputation is being rolled out in preview now in the Bing Webmaster Tools, and you can learn more in their blog post, "Track Certificates to Help Users Stay Safe." If your site uses SSL certificates, we encourage you to try it out and provide feedback via the Bing Webmaster Tools.

– Anoosh Saboori, Program Manager, OSG Enterprise Security
Source: MSDN Blogs
 
