Google SSL Certificates

google ssl certificates

Google SSL refers to four different things, but let’s be clear from the start that Google is not a Certification Authority and does not offer SSL Certificates. The termGoogle SSL is used to refer to several connections between Google’s services and SSL capabilities, including Google’s own SSL Certificates, Google’s SSL Certificate requirements for those using Google Checkout, Google’s use of SSL connections for accessing a number of its applications, and Google’s offering of SSL Search. Here are more details:

• Google SSL can refer to Google’s own collection of SSL certificates. Just like any other website that wants to provide secure services to customers, Google needs to have a Certification Authority issue it SSL Certificates. The fact that Google has SSL Certificates has been brought forcibly to people’s attention due to a problem when switching between https://www.google.com addresses and the same address without any ws. Doing so has brought up an SSL error because of a mismatch between the Certificate and the exact domain name.

The Google.com SSL Certificate also was brought to everyone’s attention in March of 2011 when a hacker, ostensibly from Iran compromised a Reseller Account at Comodo, a legitimate Certification Authority, and requested 9 fraudulent certificates, including one for mail.google.com and one for www.google.com, as well as yahoo.com, skype.com, and mozilla.com—nine in all—which were, in fact issued. However, only one for Yahoo! was ever seen live on the Internet, all of them were revoked as soon as the fraud was discovered, the domain owners were quickly notified, and the main browsers were as well.  In addition, new controls were introduced by Comodo to prevent a recurrence.

• The second meaning of Google SSL is the list of  SSL Certificates that Google Checkout accepts. Ecommerce website owners who want to use Google Checkout and integrate their own order management system are required to obtain an SSL Certificate and should view the list before investing in a Certificate. Some of the well-known Certificate Authorities, the root certificates of which are accepted include:

  • Comodo
  • DigiCert
  • Entrust
  • Equifax
  • GeoTrust
  • GoDaddy
  • Thawte
  • VeriSign
  • VISA eCommerce

An SSL certificate is also needed to use Google’s HTTPS sandbox environment, and trail or self-signed SSL Certificates are not accepted.

• Third, Google SSL refers to the use of SSL for user connections to Google Apps in order to increase protection for users. Google provides for SSL connection to Gmail, Google Chat, Google Calendar, Google Docs, and Google Sites, but not for Google Talk desktop client or Google Video for Business. It is particularly recommended for contact made over a public wireless network, such as at a coffee shop, or a network that is not encrypted. It can be turned on and off, as you change networks, which you may wish to do because using https slows Gmail down.

• Fourth, Google SSL can refer to Google’s implementation of SSL Search, initially introduced in May of 2010, which is an end-to-end solution for encrypted search with two exceptions:

  • If the search results include domains that are not encrypted (i.e., on sites with the address http, rather than https), you will exit the encrypted mode.
  • If you search on images—a feature recently added to Google SSL Search—pages showing a bigger preview image don’t use SSL.

Not all the features of the regular Google search (http) are available when using SSL search.

The SSL image search capability is actually a new feature, introduced in May 2011. A new feature in Google’s Chrome browser, SSL False Start, reduces the latency of the SSL handshake by almost a third, which will help functionality because SSL operations are slower than “regular” operations. Google is continuing to develop the use of safer access online in various ways.

Sources

http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
http://www.microsoft.com/technet/security/advisory/2524375.mspx
https://checkout.google.com/support/sell/bin/answer.py?answer=57856
http://www.google.com/support/a/bin/answer.py?answer=100181
http://www.google.com/support/websearch/bin/answer.py?answer=173733
http://googleblog.blogspot.com/2010/05/search-more-securely-with-encrypted.html
http://googlesystem.blogspot.com/2011/05/google-image-search-in-ssl.html
http://news.softpedia.com/news/Encrypted-Google-Image-Search-Now-Available-201883.shtml

You may like these posts