In the 90s, 'strong' cryptography - greater than 40 bit, and later 56 bit - was considered a munition in the US. So Netscape and Microsoft released two versions of their browsers: a US version with full 128 bit encryption and a weakened international version.
However, there were exceptions: US-based finance sites could apply to selected CAs for a certificate carrying a special flag that allowed non-US browsers to use 128 bit symmetric crypto for that site. This is Server Gated Cryptography, or SGC.
Then, 15 years ago, in the final days of Bill Clinton's presidency, the US government eased the restriction and allowed any website to use strong cryptography. Browsers since IE 5.01 SP1 have this fix.
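As an added illustration (not code from the original article, nor from Symantec or CertSimple): the 'special flag' an SGC certificate carried is an Extended Key Usage (EKU) extension listing a vendor SGC OID next to the normal serverAuth OID. The two OID values below are the well-known Netscape and Microsoft SGC OIDs, not values quoted from the page; the DER encoder and decoder are minimal hand-written routines so the example runs without any library, and the certificate is a constructed EKU value rather than a real certificate.

```python
# Added example (not from the article): what the SGC "special flag" looks like at
# the byte level. SGC was signalled by an Extended Key Usage (EKU) extension in
# the certificate carrying one of two vendor OIDs. These are the well-known
# Netscape and Microsoft SGC OIDs; they are not taken from the page.
SGC_OIDS = {
    "2.16.840.1.113730.4.1": "Netscape Server Gated Crypto",
    "1.3.6.1.4.1.311.10.3.3": "Microsoft Server Gated Crypto",
}
SERVER_AUTH = "1.3.6.1.5.5.7.3.1"  # id-kp-serverAuth, present in any TLS server cert


def der_length(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def encode_oid(dotted):
    """DER-encode a dotted OID string (tag 0x06, base-128 arcs, high bit = continue)."""
    arcs = [int(p) for p in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one octet
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, (arc & 0x7F) | 0x80)
            arc >>= 7
        body += chunk
    return b"\x06" + der_length(len(body)) + bytes(body)


def encode_eku(oids):
    """DER-encode an ExtKeyUsageSyntax value: SEQUENCE OF OBJECT IDENTIFIER."""
    inner = b"".join(encode_oid(o) for o in oids)
    return b"\x30" + der_length(len(inner)) + inner


def read_tlv(data, pos):
    """Read one DER tag/length/value at pos; return (tag, value_bytes, next_pos)."""
    tag = data[pos]
    length = data[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n_octets = length & 0x7F
        length = int.from_bytes(data[pos:pos + n_octets], "big")
        pos += n_octets
    return tag, data[pos:pos + length], pos + length


def decode_oid(body):
    """Decode OID content octets to dotted form.
    Splits the first octet as root*40 + second arc, which is exact for the
    second arcs below 40 used by every OID in this example."""
    arcs = [body[0] // 40, body[0] % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends the current arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def parse_eku(der):
    """Return the list of dotted OIDs inside a DER-encoded EKU extension value."""
    tag, inner, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("EKU value must be a SEQUENCE")
    oids, pos = [], 0
    while pos < len(inner):
        tag, body, pos = read_tlv(inner, pos)
        if tag != 0x06:
            raise ValueError("EKU entries must be OBJECT IDENTIFIERs")
        oids.append(decode_oid(body))
    return oids


def sgc_markers(der):
    """Names of the SGC OIDs present in an EKU value; an empty list means no SGC flag.
    Modern clients ignore these OIDs entirely, so their presence says nothing about
    the cipher strength a browser negotiates today."""
    return [SGC_OIDS[o] for o in parse_eku(der) if o in SGC_OIDS]


if __name__ == "__main__":
    # Constructed EKU value for an 'SGC' certificate: serverAuth plus both SGC OIDs.
    eku = encode_eku([SERVER_AUTH] + list(SGC_OIDS))
    print(eku.hex())
    print(sgc_markers(eku))
```

The same `sgc_markers` check can be pointed at the EKU extension value of a real certificate once it has been pulled out of the DER with any X.509 parser; a result of an empty list is what every certificate issued to a modern site should give.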
This should be the end of the story. But it isn't.
It's 19th May 2015. Symantec's 'Introduction to SSL' has the following header:
Introduction to SSL
- How SSL works
- Authentication and trust: EV SSL
- Strongest SSL encryption: SGC
Thus begins a trend you'll see in the rest of Symantec's website: make sure people know that SGC enables 128 bit encryption, draw attention to the importance of cryptographic strength, and absolutely do not focus on how the browsers that can use SGC are so rare their usage is undetectably low.
Clicking on the 'SGC' tab reveals:
SGC: True 128-Bit SSL Encryption
Server-Gated Cryptography (SGC) certificates enable 128-minimum to 256-bit SSL encryption*, the most powerful SSL encryption commercially available today. You need the strongest SSL encryption available, when...
- you accept credit card, debit card, purchase card, or other online payments.
- you allow network access to confidential bank or brokerage account information.
- you transmit healthcare or insurance claim records electronically.
- you must meet privacy and security standards as a government agency.
- your reputation depends on the privacy and integrity of your information.
The wording is remarkably clever, and the points made are true.
What's strongly implied, but never said outright - because it would be wrong - is that SGC is needed in most circumstances for any of those things. Yet we're fairly confident that the majority of people would leave with that impression.
The full article continues in the same manner: focus on strong encryption, ignore legacy browser support. This is how long Symantec takes from introducing SGC to pointing out the browsers this technology is relevant to:
IE 5.01 SP1 also has the fix, but we'll ignore that for now.
Non-technical people often purchase certificates, and even those who see 'Strongest SSL Encryption: SGC' and make it past all the crypto speak may still not realize how rare Internet Explorer 5.5 and Netscape 4.72 are in 2015. Symantec's not going to tell them: the article quickly moves back to the importance of strong encryption.
Oddly enough, while taking screenshots for this article, we visited symantec.com using IE5 and soon our IP was blocked. Simply visiting the site with a browser that outdated is enough to trigger Symantec's attack detection. Symantec's site doesn't render or work in IE5 anyway - we had to use another browser to make the image at the top of this page. Which begs the question: if supporting IE5 is so important, why doesn't symantec.com do it?
We're not the first to talk about this. SSLShopper discussed it in 2008 (read the definitely-real-people comments if you're in need of a laugh), and Entrust covered it in 2012. Both are well known in the SSL industry, so it's fairly likely that Symantec are aware of what others think about how they sell SGC. We suspect they find the commercial benefit of SGC sales - Symantec's regular EV certificates are $699, their EV+SGC certificates are $1199 - outweighs the effect on their brand, so far.
For an industry based on trust, upselling SGC as 'the strongest SSL encryption' while drawing attention away from the age of the browsers affected is inappropriate. Not only should we point out these activities, we have a duty to do so: this kind of behavior is why people think the SSL industry is awful.
If you're buying SSL certificates, be aware of how SGC is sold, particularly when non-technical people are paying for certificates. $500 USD is an awful price to pay for not being aware of how old some browser versions are. Consider whether you want to support a company - including its sub-brands like VeriSign, GeoTrust, Thawte and RapidSSL - that engages in these techniques.
The good news is that while some regions still advertise SGC in 'Introduction to SSL', other regions have removed the SGC content in the last few months. This isn't a sudden change of heart from Symantec: the current Chrome requires SHA2 signed certificates, which requires Windows XP SP3/IE6 or newer.
Since IE6 will happily do 128 bit encryption without SGC, Symantec can, 15 years since SGC made a difference, no longer upsell SGC for $500.
Mike MacCana, founder at CertSimple.
An EV HTTPS certificate verifies the company behind your website. But getting verified is a slow painful process. CertSimple provides EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide verification steps specific for your company, update in realtime during the process, and even check your infrastructure to help you set up HTTPS securely.
Verify your site now!