Comments on: Are there 219,000 websites with expired SSL certificates? https://www.pingdom.com/blog/are-there-219000-websites-with-expired-ssl-certificates/ Website Performance and Availability Monitoring | Pingdom Tue, 10 Feb 2009 17:12:08 +0000 hourly 1 https://wordpress.org/?v=6.4.4 By: Allen Kelly https://www.pingdom.com/blog/are-there-219000-websites-with-expired-ssl-certificates/#comment-7090 Tue, 10 Feb 2009 17:12:08 +0000 http://royalpingdom.wpengine.com/?p=1664#comment-7090 I agree with W. Wilkins. Phishing seems to be on the rise amidst this economic turnmoil, but at the same time, it is becoming standard that more people are sharing more sensitive and personal information online.
This is a double-edged sword and EV SSL seems to dull both sides of the blade.
I always look for the green URL bars first – because it’s so easy – and then continue scanning for other security indicators like the padlock, https, and other signs of credibility.

]]>
By: W.Wilkins https://www.pingdom.com/blog/are-there-219000-websites-with-expired-ssl-certificates/#comment-7089 Mon, 09 Feb 2009 20:55:21 +0000 http://royalpingdom.wpengine.com/?p=1664#comment-7089 The numbers are interesting – not high at all in my mind. I have run into several expired certs and the “scary” web browser warnings. I have also run into more “green url bars” denoting an upgrade to Extended Validation SSL Certificates. Thank goodness.
I need more security these days – especially with my personal/financial information on the internet.

]]>
By: Johnathan Nightingale https://www.pingdom.com/blog/are-there-219000-websites-with-expired-ssl-certificates/#comment-7088 Fri, 06 Feb 2009 21:54:10 +0000 http://royalpingdom.wpengine.com/?p=1664#comment-7088 For the top 1M sites (according to Alexa), I encountered 57,293 expired certificates vs. 214,035 valid certs. 382,860 of those sites responded to an SSL handshake at all. So you could call that 5.7% (of the top 1M sites), 21% (expired / (expired + valid)), or 14.9% (expired/total certs) depending mostly on what your agenda was. 🙂
I’d love to see others perform similar analysis though, I have made the code and the crawler data available as an SQLite file here: http://blog.johnath.com/2009/01/21/ssl-information-wants-to-be-free/

]]>
By: mike https://www.pingdom.com/blog/are-there-219000-websites-with-expired-ssl-certificates/#comment-7087 Fri, 06 Feb 2009 14:07:13 +0000 http://royalpingdom.wpengine.com/?p=1664#comment-7087 At Trustwave we have tools to automatically scan for and install certificates. The interesting thing we have seen recently is a renewed desire to understand and better manage the pki environment as a whole. The implications of the Kaminsky (DNS ) findings, the rapidssl md5 hole and the Comodo DV reseseller issues have really driven enterprises towards implementing a better system for managing their in flight data.
Times are interesting in the SSL world.

]]>