Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Verisign Site Seal Update - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Verisign Site Seal Update

Tim Callan (Verisign) sent us this note:
"VeriSign reports that many public-facing Web sites continue to implement an older and less secure version of VeriSign's popular security mark. Because the old VeriSign site seals were created and distributed prior to the rise of phishing, they did not contain the full set of anti-spoofing measures available in the newest version of the VeriSign Secured Seal. For the protection of online consumers, VeriSign is in the process of phasing out its old-architecture seals and moving forward with support only for the newest version of the VeriSign Secured Seal. Old-version seals are in a round, "gold or silver medallion" shape and call their verification page from https://digitalid.verisign.com. Latest-version seals contain the black VeriSign check mark in a red circle and the words VeriSign Secured and call their verification page from https://seal.verisign.com. All Web sites employing one or more VeriSign SSL Certificates in their validity period are entitled to display the VeriSign Secured Seal to improve site visitor confidence and increase visitor propensity to complete transactions. These customers can download the latest version of the VeriSign Secured Seal free of charge at  www.verisign.com/seal."
I will be teaching next: Defending Web Applications Security Essentials - SANS Security West 2019

Johannes

3508 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!