Updated: March 27, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 31, 2015
Statement Date: March 31, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We check the existence of the applicant and ownership of the domain ourselves from publicly available registries and in addition request signed application from an authorised representative of the applicant. The issuance always involves human interaction at our side. We do not have resellers for TLS certificates.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 27, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 01, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
If you were read our CPS completely you were find that there is no possibility to issue SSL/TLS certificate without face to face meeting with applicant (domain owner) or person who is authorized (via power of attorney) by the domain owner (CPS CA Disig version 4.7 article 4.1.2.1 last bullet). There is also domain owner validation in place (CPS CA Disig version 4.7 article 4.1.2.2. and article 3.1.9).
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 07, 2015
Statement Date: April 07, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 01, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
DigiCert does not issue domain-only validated certificates. Instead, we believe the extra checks required by both OV and EV provide the extra assurances necessary to confirm issuance authorization. That's why DigiCert only issues OV and EV certificates. The out-of-bands communication required with these two levels of assurance assures that the organization controlling the domain actually authorized the issuance and prevents hijacked email addresses. In all cases, DigiCert validates the identity of a third party, that the identity has control over the domain, and that the issuance was authorized.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 30, 2015
Statement Date: March 30, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
When validating control or right to use a domain, we do not provide a list of emails to the applicant. In all cases, we validate the following: · Identity name with a third party · Identity has ownership or control of the domain · Authorization to issue the domain where contact with the applicant is done with a communication method which has been confirmed by a third party
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: March 31, 2015 Updated: March 31, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 27, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 01, 2015
Statement Date: April 01, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
If you read our CPS, located at: https://secure.identrust.com/certificates/policy/ts/identrust_trustid_cps_v2.3_2 0140109.pdf, you will find that Section 3.2, defines what we currently do. In a nutshell: · Verification of the Organization based on sections 3.2.2 and 3.2.2.1; · Verification of the PKI Sponsor’s Organization Affiliation based on section 3.2.2.2; · Verification of an Certificate request based on section 3.2.6; · Authentication of a Device identity based on section 3.2.7; · Verification against high risk and denied request lists based on section 3.2.7.1; · Verification of the authorization by Domain Name Registrant based on section 3.2.7.2 · Verification of DBA/Tradename based on section 3.2.7.3; · Verification of country code based on section 3.2.7.4; · Verification of control over entire namespace delimited by the FQDN of Wildcard Certificate on section 3.2.7.6; and · Verification of email based on section 3.2.5** Our process is multi-layered and the resulting certificate is the reflection of passing all the steps. In the particular topic of domain ownership, IdenTrust verifies the ownership by introducing the verification by an IdenTrust employee of information provided based on WHOis records. In exceptional cases, IdenTrust request practical demonstration of the control over the Domain Name.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 30, 2015
Statement Date: March 31, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 30, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: March 27, 2015 Updated: March 27, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: March 27, 2015 Updated: March 27, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 01, 2015
Statement Date: April 01, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
WE SecomTrust Systems do not issue DV certificate. We authenticate not only the owner of the domain but also the existence of the organization.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 02, 2015
Statement Date: April 02, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: April 07, 2015
Statement Date: April 04, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
Please note that we believe that the Trend Micro SSL product is not susceptible to this supposed vulnerability. We do not provide or support Domain Validated (DV) certificates from our product. We do leverage the domain based validation methodology for the management of domains within customer accounts but customers must have already passed either Organization Validation (OV) or Extended Validation (EV) vetting before they can use their accounts. Both OV and EV vetting require the manual validation of a customer’s corporate information and account administrator. In addition, Trend Micro only uses the specific email addresses allowed by the CA-Browser Forum Baseline Requirements Section 11.1.1 for confirmation of control of domains, which is the same method used by all other Certification Authorities and browsers worldwide. All our customers must also have a subscription account requiring an extended relationship with us removing the possibility of any ‘drive by’ transactional certificate issuances.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 25, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: March 26, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.