EV certificate usage declining: Is the internet becoming more secure?

2021-12-13 06:00

Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world's top 1 million sites over the last 18 months shows that in many ways, the internet is becoming more secure.

Despite the adoption of stronger encryption protocols, many companies continue to use legacy RSA encryption algorithms to generate keys, which in conjunction with TLS certificates, act as machine identities that authorize secure connections between physical, virtual and IoT devices, APIs, applications and clusters.

Of the three categories of key generation algorithms commonly used for asymmetric encryption - RSA, DSA and ECDSA - ECDSA is the most secure due to the computational complexity.

These smaller keys are ideal for mobile applications, and since they can be stored in devices with much more limiting memory constraints, ECDSA keys are ideal to support mTLS stacks in IoT and embedded devices.

The number of top 1 million sites using EV certificates is at its lowest point ever in the last six years of analysis.

"Browsers no longer give EV certificates any special treatment, and the speed of development today simply does not accommodate the slow, manual approval processes connected with them. Cloud-native technologies require much larger numbers of TLS certificates, and these technologies absolutely require automation for machine identities. Given that EV certificates are not automation friendly, their usage and value is going to continue to drop."

News URL

https://www.helpnetsecurity.com/2021/12/13/newer-tls-protocols/

#certificate #internet