Facebook has successfully launched a tool with the help of which the owner can find out such certificates. This can be done by using data which is being collected from many Certificate Transparency (CT) logs. Facebook had a good understanding of the importance of adapting CT and decided to build a tool for the public. This tool would help other companies to keep track of SSL certificate issues for their domains. With the help of this tool..
  • The Domain owner can detect a mis-issued certificate within an hour
  • Keep track of existing certificates being used
  • An Owner can subscribe to receive email alerts when a new certificate appears in CT logs
In case you receive an alert on CA issuing certificate that you have not requested, follow these steps:
  • Contact concerned CA, who issued the certificate
  • Make sure that your identity is not compromised
  • Consider revoking that certificate
Facebook Adopting CT

For internal use, Facebook had initially built its own CT monitoring service as FB uses various websites for marketing. Special events are also outsourced to the third party. To keep a track, which was not possible without monitoring services, CT played an important role. CT monitoring helps in tracking various sites even if direct management is delegated to another party. With the help of CT, the Facebook security team was able to detect two certificates issued for ‘fb.com’, which the security team had no knowledge of. Although after complete investigation it was discovered that the certificate was issued on request of another Facebook team but they failed to inform the FB security team in time.
From all the public CT logs, this tool fetches data periodically; it is then synced before performing ‘user-supplied query’. Whenever a new entry in the synced list is detected, users will receive an email notification. There are no restrictions on usage of this tool, so anyone can use it to search for logs for any domain.
About The Author
This article was written by The SSL Street, a US based company giving you superb SSL Certificates at the lowest cost. Here at SSL Street, we pride ourselves on our ability to offer our customers an extensive variety of Secure SSL certificates. In recent years, the types of SSL Certificates have become increasingly varied in their features, pricing and cost efficiency. This site was set up to assist those in need in navigating what can be a difficult decision-making process with important consequence for their business or organization.
If you need more information regarding this or you need help in getting positive SSL certificate for your website, we are just a call away. Give us a call on our toll-free number +1 (888) 606-7330 or write us on info@thesslstreet.com, our team of experts will be happy to assist you.
Views: 459 views    Report this Article
Comments (0)