jcs

Change to Certificate Service – from 1st March 2018 Q1) What is the change in the maximum duration of certificates?     A) The maximum duration will be limited to 2 years, currently this is 3 years. Q2) What certificates are affected?     A) Only medium assurance Organisation Validated (OV) certificates. High assurance Extended Validation (EV) and Wildcard  certificates are already limited to 2 years. Q3) Who is driving this change?

We're pleased to announce that from today the service can provide end user certificates, which are used for digitally signing and encrypting emails. These are called S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates. S/MIME are installed on email clients which then enable the end user to send digitally signed emails, giving recipients assurances that the email originated from the sender's account. By signing emails, recipients can also have confidence that the contents of the email has been been altered in transit.

The service changed certificate provider to QuoVadis in 2015, and as part of that transition Jisc is obliged to ensure all organisations that use the Certificate Service comply with and agree to a QuoVadis ‘Sub-LRA Agreement’. We have therefore updated the Certificate Service Terms & Conditions to reflect this.

SHA-1 and Google Chrome: 20 November 2014 On 18 November Google released Chrome 39 which will now result in users visiting web services secured with SHA-1 certificates that expire in 2017 being shown a grey padlock with a yellow warning triangle, instead of the usual recognisable green padlock.