How DigiCert's CSO Looks at SSL/TLS Security

VIDEO: Jason Sabin, chief security officer at DigiCert, discusses the challenges and the opportunities for security today and for the coming Internet of things world.

At the core of many modern security mechanisms of online security is the TLS (Transport Layer Security) protocol and the Certificate Authorities (CAs) that sell and manage SSL/TLS certificates. One such CA is DigiCert which helps to secure some of the largest and most well-known organizations in the world, including IBM, Sony, Facebook VMware, Intel and Harvard University.

Helping to secure DigiCert and its customers from security risks is DigiCert's Chief Security Officer (CSO) Jason Sabin. In a wide-ranging video interview with eWEEK, Sabin discusses the current state of SSL/TLS security and some of the future opportunities for improvement that are on the horizon.

Many CSOs will report to the CIO of an organization, but that's not the reporting structure for DigiCert. Instead, Sabin said he reports directly to the CEO. Sabin is responsible for the security infrastructure of DigiCert, which involves multiple activities.

"We are the trusted authority to issue digital certificates," Sabin said. "We're always looking at new ways to increase validation."

One area of infrastructure that is important for DigiCert and millions of Internet users are DigiCert's OCSP (Online Certificate Status Protocol) responder servers. OCSP is a protocol used by modern Web browsers to check and verify the status of a Website's TLS certificate.

"We have OCSP distributed across data centers everywhere," Sabin said. "It makes for a very fast and speedy response."

Watch the full video with Jason Sabin, chief security officer at DigiCert, below:

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.