GeoTrust

Last updated
Geotrust
GeoTrust logo.svg
Product type Public key certificates
Owner DigiCert
CountryUnited States
MarketsWorld
Website www.geotrust.com

GeoTrust is a digital certificate provider. The GeoTrust brand was bought by Symantec from Verisign in 2010, but agreed to sell the certificate business (including GeoTrust) in August 2017 to private equity and growth capital firm Thoma Bravo LLC. [1] GeoTrust was the first certificate authority [2] to use the domain-validated certificate method which accounts for 70 percent of all SSL certificates on the Internet. [3] [4] By 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company Netcraft. [5]

Contents

History

GeoTrust was the first certificate authority [2] to use the domain-validated certificate method [4] USGranted 8028162,Douglas D. Beattie&Christopher T. M. Bailey,"Methods and systems for automated authentication, processing and issuance of digital certificates",published September 27, 2011, assigned to GeoTrust  which is now widely accepted and used by all certificate authorities including Let's Encrypt. [6] [7] GeoTrust was a restarted company in 2001 that acquired the security business of Equifax. The Equifax business was the basis of its fast growth. The founders of the restarted company were CEO Neal Creighton, CTO Chris Bailey and Principal Engineer Kefeng Chen. [8] Having no previous fund raising experience Creighton, Bailey and Chen used an existing company as the vehicle to acquire the business they had started at Equifax. [9] The buyout of the Equifax certificate business was inexpensive given the final exit price in 2006. [10]

VeriSign acquired GeoTrust on 5 September 2006 for $125 million. The main investor was St. Paul Venture Capital/VesBridge. ACG/ Mass High tech named VeriSign's acquisition of GeoTrust as the sell side deal of the year for 2006. [10] [11] [12]

Symantec acquired the GeoTrust brand in 2010 as part of its $1.28 billion acquisition of Verisign security business. [13]

Previous logo until 2020. GeoTrust.svg
Previous logo until 2020.

Symantec announced the sale of its entire certificate business in August 2017 to Thoma Bravo LLC for $1 billion [1] with the intention of merging it with DigiCert. [14] Thoma Bravo merged GeoTrust into DigiCert and GeoTrust is now owned by DigiCert.

Root Certificate Untrust

Following a dispute with Google the GeoTrust Root Certificate became untrusted. [15]

Beginning 1st December 2017 GeoTrust has been issuing all Certificates under the DigiCert Trusted Root TLS Certificate. [16]

Related Research Articles

<span class="mw-page-title-main">Public key infrastructure</span> System that can issue, distribute and verify digital certificates

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key. The certificate includes information about the key, information about the identity of its owner, and the digital signature of an entity that has verified the certificate's contents. If the signature is valid, and the software examining the certificate trusts the issuer, then it can use that key to communicate securely with the certificate's subject. In email encryption, code signing, and e-signature systems, a certificate's subject is typically a person or organization. However, in Transport Layer Security (TLS) a certificate's subject is typically a computer or other device, though TLS certificates may identify organizations or individuals in addition to their core role in identifying devices. TLS, sometimes called by its older name Secure Sockets Layer (SSL), is notable for being a part of HTTPS, a protocol for securely browsing the web.

<span class="mw-page-title-main">Root certificate</span> Certificate identifying a root authority

In cryptography and computer security, a root certificate is a public key certificate that identifies a root certificate authority (CA). Root certificates are self-signed and form the basis of an X.509-based public key infrastructure (PKI). Either it has matched Authority Key Identifier with Subject Key Identifier, in some cases there is no Authority Key identifier, then Issuer string should match with Subject string. For instance, the PKIs supporting HTTPS for secure web browsing and electronic signature schemes depend on a set of root certificates.

In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.

<span class="mw-page-title-main">Verisign</span> American Internet company

Verisign Inc. is an American company based in Reston, Virginia, United States, that operates a diverse array of network infrastructure, including two of the Internet's thirteen root nameservers, the authoritative registry for the .com, .net, and .name generic top-level domains and the .cc country-code top-level domains, and the back-end systems for the .jobs and .edu sponsored top-level domains.

<span class="mw-page-title-main">Gen Digital</span> Multinational software company

Gen Digital Inc. is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

CyberTrust was a security services company formed in Virginia in November 2004 from the merger of TruSecure and Betrusted. Betrusted previously acquired GTE Cybertrust. Cybertrust acquired a large stake in Ubizen, a European security services firm based in Belgium, to become one of the largest information security firms in the world. It was acquired by Verizon Business in 2007. In 2015, the CyberTrust root certificates were acquired by DigiCert, Inc., a leading global Certificate Authority (CA) and provider of trusted identity and authentication services.

Thawte Consulting is a certificate authority (CA) for X.509 certificates. Thawte was founded in 1995 by Mark Shuttleworth in South Africa. As of December 30, 2016, its then-parent company, Symantec Group, was collectively the third largest public CA on the Internet with 17.2% market share.

<span class="mw-page-title-main">Extended Validation Certificate</span> Certificate for HTTPS websites and software

An Extended Validation Certificate (EV) is a certificate conforming to X.509 that proves the legal entity of the owner and is signed by a certificate authority key that can issue EV certificates. EV certificates can be used in the same manner as any other X.509 certificates, including securing web communications with HTTPS and signing software and documents. Unlike domain-validated certificates and organization-validation certificates, EV certificates can be issued only by a subset of certificate authorities (CAs) and require verification of the requesting entity's legal identity before certificate issuance.

GlobalSign is a certificate authority and a provider of identity and security solutions for the Internet of Things (IoT). As of January 2015, Globalsign was the 4th largest certificate authority in the world according to the Netcraft survey.

<span class="mw-page-title-main">DigiCert</span> Internet security company

DigiCert, Inc. is a digital security company headquartered in Lehi, Utah. As a certificate authority (CA) and trusted third party, DigiCert provides public key infrastructure (PKI) and validation required for issuing digital certificates or TLS/SSL certificates.

The Certification Authority Browser Forum, also known as the CA/Browser Forum, is a voluntary consortium of certification authorities, vendors of Internet browser and secure email software, operating systems, and other PKI-enabled applications that promulgates industry guidelines governing the issuance and management of X.509 v.3 digital certificates that chain to a trust anchor embedded in such applications. Its guidelines cover certificates used for the SSL/TLS protocol and code signing, as well as system and network security of certificate authorities.

StartCom was a certificate authority founded in Eilat, Israel, and later based in Beijing, China, that had three main activities: StartCom Enterprise Linux, StartSSL and MediaHost. StartCom set up branch offices in China, Hong Kong, the United Kingdom and Spain. Due to multiple faults on the company's end, all StartCom certificates were removed from Mozilla Firefox in October 2016 and Google Chrome in March 2017, including certificates previously issued, with similar removals from other browsers expected to follow.

DNS-based Authentication of Named Entities (DANE) is an Internet security protocol to allow X.509 digital certificates, commonly used for Transport Layer Security (TLS), to be bound to domain names using Domain Name System Security Extensions (DNSSEC).

Neal Creighton is an American entrepreneur based in Boston, Massachusetts, United States. He was one of the co-founders and CEO of certificate authority GeoTrust in 2001, and is co-inventor of the domain-validated certificate patent issued in 2006 which method accounts for 70 percent of all SSL certificates on the Internet.In 2006, GeoTrust was the 2nd largest certificate authority in the world with 26.7 percent market share according to independent survey company Netcraft. He was also cofounder of RatePoint, Inc., which was named the MITX 2010 Social Media Company of the Year for New England.

<span class="mw-page-title-main">Certificate Authority Security Council</span>

The Certificate Authority Security Council (CASC) is a multi-vendor industry advocacy group created to conduct research, promote Internet security standards and educate the public on Internet security issues.

Certificate Transparency (CT) is an Internet security standard for monitoring and auditing the issuance of digital certificates.

<span class="mw-page-title-main">Domain-validated certificate</span>

A domain validated certificate (DV) is an X.509 public key certificate typically used for Transport Layer Security (TLS) where the domain name of the applicant is validated by proving some control over a DNS domain. Domain validated certificates were first distributed by GeoTrust in 2002 before becoming a widely accepted method.

The Enrollment over Secure Transport, or EST is a cryptographic protocol that describes an X.509 certificate management protocol targeting public key infrastructure (PKI) clients that need to acquire client certificates and associated certificate authority (CA) certificates. EST is described in RFC 7030. EST has been put forward as a replacement for SCEP, being easier to implement on devices already having an HTTPS stack. EST uses HTTPS as transport and leverages TLS for many of its security attributes. EST has described standardized URLs and uses the well-known Uniform Resource Identifiers (URIs) definition codified in RFC 5785.

Trustico is a dedicated SSL certificate provider, They are headquartered in the United Kingdom.

References

  1. 1 2 Liana B. Baker (2017-08-02). "Symantec to sell Web certificates business to Thoma Bravo: sources". Reuters. Retrieved 2018-01-08.
  2. 1 2 Aumasson, J.P. (2017). Serious Cryptography: A Practical Introduction to Modern Encryption. No Starch Press. p. 429. ISBN   978-1-59327-882-3 . Retrieved 2020-07-10.
  3. https://www.netcraft.com/internet-data-mining/ssl-survey/
  4. 1 2 "Top SSL Certificates Buyer's Guide". PCMAG.
  5. "VeriSign To Buy GeoTrust, Combining Top SSL Providers". Netcraft News.
  6. "There's certs and certs – VeriSign badmouths rivals". www.theregister.com.
  7. "Let's Encrypt issues one billionth free certificate". March 2, 2020.
  8. "Neal Creighton, CEO, GeoTrust - InternetNews". www.internetnews.com. Retrieved 2020-05-22.
  9. "GeoTrust acquires Equifax's digital certificate business". www.bizjournals.com. September 25, 2001. Retrieved 2020-07-10.
  10. 1 2 "Mass High Tech, ACG name top Tech Dealmakers for 2007". Boston Business Journal. 2007-12-06. Retrieved 2019-10-28.
  11. "VeriSign Buys GeoTrust: $125M". Archived from the original on 2008-09-20. Retrieved 2008-01-04.
  12. "VeriSign buys SSL certs rival for $125m". www.theregister.com.
  13. Hoffman, Stefanie (May 19, 2010). "Symantec To Acquire VeriSign Security For $1.28B". CRN.
  14. "DigiCert Completes Acquisition of Symantec's Website Security and Related PKI Solutions - DigiCert". DigiCert. Retrieved 2018-01-08.
  15. "Google to kill Symantec certs in Chrome 66, due in early 2018" . Retrieved 2018-01-08.
  16. "GeoTrust Global SSL Certificates". www.ssltrust.com.au.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.