Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Verisign Site Seal Update - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Verisign Site Seal Update

Tim Callan (Verisign) sent us this note:
"VeriSign reports that many public-facing Web sites continue to implement an older and less secure version of VeriSign's popular security mark. Because the old VeriSign site seals were created and distributed prior to the rise of phishing, they did not contain the full set of anti-spoofing measures available in the newest version of the VeriSign Secured Seal. For the protection of online consumers, VeriSign is in the process of phasing out its old-architecture seals and moving forward with support only for the newest version of the VeriSign Secured Seal. Old-version seals are in a round, "gold or silver medallion" shape and call their verification page from Latest-version seals contain the black VeriSign check mark in a red circle and the words VeriSign Secured and call their verification page from All Web sites employing one or more VeriSign SSL Certificates in their validity period are entitled to display the VeriSign Secured Seal to improve site visitor confidence and increase visitor propensity to complete transactions. These customers can download the latest version of the VeriSign Secured Seal free of charge at"
I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4479 Posts
ISC Handler
Apr 5th 2006

Sign Up for Free or Log In to start participating in the conversation!