At the core of many modern security mechanisms of online security is the TLS (Transport Layer Security) protocol and the Certificate Authorities (CAs) that sell and manage SSL/TLS certificates. One such CA is DigiCert which helps to secure some of the largest and most well-known organizations in the world, including IBM, Sony, Facebook VMware, Intel and Harvard University.
Helping to secure DigiCert and its customers from security risks is DigiCert’s Chief Security Officer (CSO) Jason Sabin. In a wide-ranging video interview with eWEEK, Sabin discusses the current state of SSL/TLS security and some of the future opportunities for improvement that are on the horizon.
Many CSOs will report to the CIO of an organization, but that’s not the reporting structure for DigiCert. Instead, Sabin said he reports directly to the CEO. Sabin is responsible for the security infrastructure of DigiCert, which involves multiple activities.
“We are the trusted authority to issue digital certificates,” Sabin said. “We’re always looking at new ways to increase validation.”
One area of infrastructure that is important for DigiCert and millions of Internet users are DigiCert’s OCSP (Online Certificate Status Protocol) responder servers. OCSP is a protocol used by modern Web browsers to check and verify the status of a Website’s TLS certificate.
“We have OCSP distributed across data centers everywhere,” Sabin said. “It makes for a very fast and speedy response.”
Watch the full video with Jason Sabin, chief security officer at DigiCert, below:
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist