Weblogic Authors: Yeshim Deniz, Elizabeth White, Michael Meiner, Michael Bushong, Avi Rosenthal

Related Topics: Cognitive Computing

Cognitive Computing : News Item

Comodo Certificate Status Protocol Is Timely, Accurate

Real-Time Certificate Checks Do Not Rely on Certificate Revocation Lists

A manager gives a key to an employee so the employee can drive a locked truck. The manager controls use of the key and the equipment; if the employee leaves the company, or if the employee dies, the manager is responsible to get the key back or change the locks.

But when the employee is instead driving a truckload of information down the information superhighway, handing out and retrieving the key can be more complicated.

Businesses protect their digital information in transit using Public Key Infrastructure.

Public Key Infrastructure is based on the idea of two “keys” for each server or mailbox. The first key is public, available for wide distribution, and for example this key might be included in every email you send. The second is “private.” The private key is kept secret. You never show this private key to anyone, but you use to sign or encrypt information.

Digital certificates are small electronic documents which are the best way to share your public key. They are nearly impossible to usefully forge because they are signed (think “certified”) by a Trusted third party such as Comodo.

With the encryption facilitated by SSL or by encrypted email the employee can send or receive information securely. Even from a wireless-enabled laptop at a truck stop.

The manager’s problem crops up again if the employee suddenly leaves the company. With a certificate using the employee’s private key, an employee who is no longer entitled to it can still access privileged information.

Certificate authorities have addressed this problem by regularly issuing “Certificate Revocation Lists” or CRLs. When the employee’s certificate is rendered invalid, the certificate authorities add it to their lists, nullifying communications that attempt to use the certificate.

A sleeker and more secure method of nullifying the certificates is the Online Certificate Status Protocol or OCSP. This protocol allows computers to check the status of certificates in real time. The computers access servers that respond to requests for status checks; the servers are called OCSP Responders.

Comodo, the second-largest issuer of high assurance digital certificates, offers OCSP as a standard feature. Its OCSP responder has been developed in-house, designed to be stable, fast and scalable.

Unlike other Certificate Authorities and OCSP Responders, Comodo’s response is not based on the CRL. Unlike most other Certificate Authorities, Comodo is able to sign each OCSP Response using the same Certificate Authority that signed each certificate. This reduces by 75% the amount of data that the OCSP Responder needs to return to the customer.

Specifically, since Comodo’s OCSP Response does not depend on the CRL, it can accurately identify a questioned certificate as “good,” “revoked,” or “unknown.” OCSP responders checking only the CRL can only respond “revoked,” for certificates already on the CRL, or “unknown” for all other certificates.

Most important, whenever a new certificate is issued, or an old one is revoked, Comodo’s OCSP Responder receives and acts upon the information within a few minutes. CRL-based OCSP Responders only find out about the certificate status changes as many as 24 hours later when the next CRL is published.

For more information, visit  http://www.comodo.com/index.html.

More Stories By Katharine Hadow

Katharine Hadow is a marketing communications professional in New Jersey, USA

IoT & Smart Cities Stories
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. The IoT Global Network is a platform where you can connect with industry experts and network across the IoT community to build the successful IoT business of the future.
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?