Microsoft’s launch of Certificate Reputation

Created on Apr 17 2015, 9:50 PM by Dean Coclin

A few weeks ago, Microsoft launched a new addition to their Bing Webmaster Tools which allows website operators to monitor their web domains to help insure there are no improperly issued SSL certificates.

This is a great benefit to those owners because:

  1. It’s easy to use and Microsoft monitors this for free

  2. The Certificate Authorities do not need to do anything special. Certificates are automatically monitored by Microsoft

  3. It’s integrated into the Bing Webmaster toolset. There is no need to sign up separately for the service

  4. It works for all types of SSL certificates, not just EV

However, there are a few limitations today:

  1. This is currently a “preview” and only collects data from users on Windows 10 which itself is currently only in a preview release. Hence the data is limited. However, this will improve with the formal release of Windows 10.

  2. The data that Microsoft is gathering is not made public which prevents the public at large from also seeing the certificates. However, the need being addressed is that of website owners.

More details are in this Microsoft blog.

Trust continues to be enhanced in the Browser/Certificate Authority ecosystem (as discussed in this prior blog) and Certificate Reputation is another tool (along with Certificate Authority Authorization-CAA, Certificate Transparency-CT, and Public Key Pinning) along this path.

  • Products
  • Symantec Enterprise Security
  • Thought Leadership
  • Symantec Website Security
  • SSL
  • Identity and Authentication Services
  • DigiCert Code Signing
  • certificates
  • Security Community Blog