.jpg)
4 hours ago
1
Article content
THIS CONTENT IS RESERVED FOR SUBSCRIBERS ONLY
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
SUBSCRIBE TO UNLOCK MORE ARTICLES
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
REGISTER / SIGN IN TO UNLOCK MORE ARTICLES
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
THIS ARTICLE IS FREE TO READ REGISTER TO UNLOCK.
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account
- Share your thoughts and join the conversation in the comments
- Enjoy additional articles per month
- Get email updates from your favourite authors
Sign In or Create an Account
or
Article content
Domain control validation sunsets on July 15, 2025, putting many companies that rely on WHOIS email at risk for service disruption
Article content
Article content
WILMINGTON, Del. — New research from CSC, an enterprise-class domain security provider and world leader in domain management, SSL management, brand protection, and anti-fraud solutions, indicates that as many as 40% of enterprises are at risk of unexpected service outages caused by out-of-date secure sockets layer (SSL) certificates. This threat stems from the reliance on WHOIS-based email addresses for domain control validation (DCV) that will be officially deprecated on July 15, 2025.
Article content
Article content
CSC analyzed over 100,000 global SSL certificate records and found that many organizations still use WHOIS email as their primary method for domain control validation, despite a 2024 vote by the CA/Browser Forum that mandates the deprecation of WHOIS-based validation due to its associated security vulnerabilities. After July 15, 2025, certificate authorities (CAs) will no longer accept WHOIS email for DCV, making alternative validation methods essential for uninterrupted operations.
Article content
By signing up you consent to receive the above newsletter from Postmedia Network Inc.
Article content
Compounding the issue, 17% of companies surveyed by CSC are unaware of their current DCV method, suggesting a widespread lack of visibility and preparedness within IT and security teams. To mitigate the risk, companies should immediately audit their certificate management workflows and migrate to accepted DCV alternatives such as domain name system (DNS)-based validation or file-based web token methods.
Article content
“For years, WHOIS-based email was seen as the easiest, non-technical DCV method. Organizations that have not switched to alternative DCV methods risk serious consequences—from website outages to critical service failures. But the changes don’t stop there,” cautions CSC’s senior director of Technology, Security Products and Services, Mark Flegg. “Organizations also need to bear in mind further industry-wide shifts that will take place in the coming years. Any short-term fixes need to be aligned with this long-term trajectory where automation of certificates and DCV will become unavoidable. Organizations absolutely need to start their prep work now.”
Article content
From March 15, 2026, certificate life cycles will begin to shorten drastically—from 367 days to 200, then 100, and finally just 47 days by 2029. Correspondingly, DCV re-use periods will reduce from 367 to 200, 100, and then just 10 days by 2028. That means enterprises will be facing up to eight certificate renewals per year. With DCV at 10 days, it could mean revalidation every time a certificate needs to be re-issued.
Article content
To support enterprises through these transitions, CSC offers a comprehensive suite of digital certificate solutions that can tailor to any organization’s workflow. Its newly launched Domain Control Validation as a Service (DCVaaS)—available free of charge to its clients—streamlines the validation process, reducing certificate renewal times by up to 99% and alleviating the manual workload for IT teams.
Article content
Article content
To learn more about CSC’s DCVaaS and future-proof your digital certificate operations, request a consultation at cscdbs.com.About CSC
CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands (Interbrand®) with focus areas in domain security and management, along with digital brand and fraud protection. As global companies make significant investments in their security posture, our DomainSecSM platform can help them understand cybersecurity oversights that exist and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss. CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—with a multidimensional view of various threats outside the firewall targeting specific domains. Fraud protection services that combat phishing in the early stages of attack round out our solutions. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
Article content
Article content
Article content
Article content
View source version on businesswire.com:
Article content
Article content
Article content
Contacts
Article content
For more information:
Joyson Cherian
W2 Communications
[email protected]
CSC News Room
Article content
English (US)