Ballot SC53, relating to the deprecation of SHA-1 OCSP signatures, has been adopted
The CA/B Forum, the industry body that governs publicly trusted SSL certificates, has passed Ballot SC53 by a majority vote. SHA-1 OCSP signatures are no longer permitted.
OCSP (Online Certificate Status Protocol) is an Internet protocol used to obtain the revocation status of an X.509 digital certificate.
The SHA-1 hashing algorithm is no longer considered strong enough for use in signatures.
It has long been forbidden for a CA to use its private key to sign OCSP responses directly using SHA-1.
However, the private keys of delegated OCSP responders could still be used to sign OCSP responses using the SHA-1 algorithm.
What does the new Ballot SC53 do?
The new Ballot SC53 makes the following changes to the Baseline Requirements document:
- Section 7.1.3.2.1 was introduced, stating that a CA MUST NOT sign OCSP responses using the SHA-1 algorithm.
- SHA-1 is tolerated only for OCSP responses whose producedAt field in ResponseData contains a date before 2022-06-01 00:00:00 UTC; any SHA-1 signed response produced at or after that instant is non-compliant.
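The following is an added example, not code from the article or from the CA/B Forum: a small policy checker that applies the SC53 rule to already-decoded OCSP response fields. It assumes the caller has extracted the signatureAlgorithm OID and the ResponseData producedAt value from each response (for instance from `openssl ocsp -resp_text` output, or from the `cryptography` library's `ocsp.load_der_ocsp_response`, which exposes `signature_algorithm_oid` and `produced_at`); the sample records at the bottom are constructed, not real CA data.

```python
"""Policy check for SHA-1 OCSP signatures after Ballot SC53 (BR section 7.1.3.2.1).

Added example: evaluates already-decoded OCSP response fields against the rule
described above; it does not parse DER itself.
"""
from datetime import datetime, timezone

# Signature algorithm identifiers whose digest is SHA-1 (RFC 3279 / RFC 5758 names).
SHA1_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10040.4.3": "dsa-with-sha1",
}

# Cut-off from the ballot: a SHA-1 signed response is tolerated only if its
# producedAt is strictly before this instant.
SHA1_SUNSET = datetime(2022, 6, 1, 0, 0, 0, tzinfo=timezone.utc)


def parse_generalized_time(value: str) -> datetime:
    """Parse a DER GeneralizedTime as used in ResponseData.producedAt.

    DER requires the form YYYYMMDDHHMMSSZ (UTC, no fractional seconds).
    """
    if len(value) != 15 or not value.endswith("Z"):
        raise ValueError(f"unsupported GeneralizedTime encoding: {value!r}")
    return datetime.strptime(value, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)


def check_ocsp_signature(signature_oid: str, produced_at: str) -> dict:
    """Apply the SC53 rule to one response.

    Returns a dict with 'sha1' (bool), 'compliant' (bool) and 'reason' (str).
    """
    algorithm = SHA1_SIGNATURE_OIDS.get(signature_oid)
    produced = parse_generalized_time(produced_at)
    if algorithm is None:
        return {"sha1": False, "compliant": True,
                "reason": f"signature algorithm {signature_oid} does not use SHA-1"}
    if produced < SHA1_SUNSET:
        return {"sha1": True, "compliant": True,
                "reason": f"{algorithm} tolerated: producedAt {produced_at} is before the sunset date"}
    return {"sha1": True, "compliant": False,
            "reason": f"{algorithm} forbidden: producedAt {produced_at} is not before 2022-06-01 00:00:00 UTC"}


def find_violations(responses):
    """Return the labels of the responses that violate the rule.

    `responses` is an iterable of (label, signature_oid, produced_at) tuples.
    """
    return [label for label, oid, at in responses
            if not check_ocsp_signature(oid, at)["compliant"]]


# Constructed sample records (not real CA data): (label, signatureAlgorithm OID, producedAt).
SAMPLE_RESPONSES = [
    ("legacy-rsa-sha1-may", "1.2.840.113549.1.1.5", "20220531235959Z"),  # last tolerated second
    ("rsa-sha1-at-cutoff", "1.2.840.113549.1.1.5", "20220601000000Z"),   # exactly at sunset: forbidden
    ("ecdsa-sha1-later", "1.2.840.10045.4.1", "20220715120000Z"),
    ("rsa-sha256", "1.2.840.113549.1.1.11", "20220715120000Z"),          # sha256WithRSAEncryption
]

if __name__ == "__main__":
    for label, oid, at in SAMPLE_RESPONSES:
        result = check_ocsp_signature(oid, at)
        print(f"{label:22} sha1={result['sha1']!s:5} compliant={result['compliant']!s:5} {result['reason']}")
```

The comparison is strict (`<`), so a SHA-1 response produced at exactly 2022-06-01 00:00:00 UTC is reported as a violation, matching the "before" wording of the ballot; a monitoring job could run `find_violations` over a day's worth of collected responder output and alert on any non-empty result.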