Why GlobalSign Was Right to Suspend New Certificates


If anything, I would be reassured if GlobalSign were my CA. They have they are taking the situation seriously. The reality is that certificate authorities are in the business of Internet security, and as a result are constantly defending against hackers. In addition, Comodohacker has claimed that they have access to GlobalSign's systems, and this claim has yet to be properly verified by the company.

What Factors Should Be Considered When Choosing a CA Provider?

There are many certificate authorities out there, and choosing one over another can be difficult. There are several factors to consider when making the choice. The extent of the identity verification when the certificate is initially issued is a very important factor. Certificate authorities should not just trust the information given to them by companies, but consult third-party records such as Dun & Bradstreet for independent verification.

Cost is another factor. A bargain-basement certificate authority simply does not have the funds for the resources needed to guard against security threats. In the case of a cheap Internet security certificate, you really do get what you pay for. Most certificate authorities will offer appropriately priced solutions for smaller businesses. If the price is too low when compared to similar companies, alarm bells should go off and you should investigate further before purchasing the cheap solution.

You should also consider who will be performing installation and installation costs. If you are not technically inclined, chances are good that the CA will offer an installation service. These should be factored into any quotes.