www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Alexei Ivanov,

LeaderTelecom B.V.

Founder and CEO LeaderTelecom B.V.

The revolutionary changes

in the SSL industry in 2017

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Alexei Ivanov, MBAFounder and CEO LeaderTelecom B.V. (Amsterdam, The Netherlands)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Official strategic partner of

Official strategic partner with specialisation WSSP

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Our clients are located in 80 countries

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Amazing progress in HTTPS adoption has been made, with

a substantial portion of web traffic now secured by HTTPS:

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

SSL-Market Trends

Expansion of transparency logs

(Adding of all SSL-certificates)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Treatment of HTTP pages with password or

credit card form fields:

Up untill now (Chrome 53)

January 2017 (Chrome 56)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Displaying of HTTP sites in Google Chrome

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Beginning from 1 January 2017 all sites without SSL-certificates

involved in transmitting passwords or credit card details, will be

treated as unsecured in Google Chrome

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Moving from SHA-1 in favor of SHA-2

Firefox will display error for SHA-1 certificates in 2017

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Changes in Firefox security user experience.

Secure (HTTPS) connection

Non-secure (HTTP) connection

Up untill now

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Web pages which collect passwords but don’t use HTTPS

starting January 2017

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

In upcoming releases, Firefox will show popup message when a user

clicks into a username or password field

on a page that doesn’t use HTTPS

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Start SSL

Not trusted anymore

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Let's Encrypt

Great basic security instead of HTTP

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Advantages of Let’s Encrypt

• FREE, FREE, FREE

• Fully automated renewal process on a customer´s device

• It publishes certificates into CT logs

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Disadvantages of Let’s Encrypt

• No customers support

• Credibility supplied by a small CA IdenTrust

• There is a limit to a number of issued certificates

• A client is necessary, it is not possible to issue a certificate without

a running server (security breach?)

• It is dangerous to change server configuration automatically.

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Сlassification of SSL-Certificates

• Only domain verification required

• Ready in 5-15 minutes

1. DV-certificates (Domain Validation)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

• Domain and Organization Validation

• Issuance Time: 2-3 Business Days

2. OV-certificates (Organisation Validation)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

• The highest trust and conversions

• Extended company validation

• Green bar

3. EV-certificate (Extended Validation)

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

What is required for validation?

1. For Organization Validation (OV)

Company should be registered in D&B or your need to provide legal opinion

letter signed by attorney or Certified public accountant

2. For Extended Validation (EV)

Company should be legally registered in government business directory in

addition to OV certificate validation requirements

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

What is required for validation?

1. For Organization Validation (OV)

• The company needs to be legally registered with an official registration agency.

• We need to verify that the corporate contact person is a full time employee and that

they have an authority over the order.

• We also need to verify domain ownership to that the company enrolling

for the organisation has the rights to use the domain.

• We need to call the organization via 3rd party verified telephone number.

• Yes, it can be a number listed in Dun and bradstreet.

• goldenpages.be, Infobel

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Difference in CSR requests for different

types of SSL certificates

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

SEO & SSL

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Mixed content problem

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Useful tools

https://www.ssllabs.com/ssltest/

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Useful tools

https://www.leaderssl.be/tools/ssl_converter

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Intermediate SSL certificates

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Useful tools

https://www.leaderssl.be/tools/cert_chain_resolver

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

SSL certificate + Vulnerability scan =

Secure website

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Partnership program for hosting providers.

Earn more with LeaderTelecom!

• Profit growth by offering SSL-certificates to existing customers

• Professional support from the LeaderTelecom, prompt resolution

of any issues

• WHMCS module

Partner benefits:

• Increase profits by upselling effective security solutions;

• Conducting advertising campaigns, PR, case studies

www.leaderssl.nlE-mail: info@leadertelecom.nl | +31 20 7640722

Thank you!

www.leaderssl.nl

info@leadertelecom.nl

+31 20 7640722

Zekeringstraat 17 A, 1014 BM, Amsterdam,

The Netherlands