Symantec, after facing issues with both Google Chrome and Mozilla deciding to start distrusting its EV SSL certificates, has decided to sell its SSL business to DigiCert, for $950 Million.
A news release from DigiCert says- “Symantec Corp. (NASDAQ:SYMC), the world’s leading cyber security company, and DigiCert Inc., a leading provider of scalable identity and encryption solutions for the enterprise, today announced an agreement under which DigiCert will acquire Symantec’s Website Security and related PKI solutions. Under the terms of the agreement, Symantec will receive approximately $950 million in upfront cash proceeds and approximately a 30 percent stake in the common stock equity of the DigiCert business at the closing of the transaction.”
For quite some time, Symantec has been facing harsh criticism from the browser community as regards its certificate issuance norms. Google has been very harshly critical about Symantec and Google Chrome had announced its decisions to gradually start distrusting its EV SSL certificates.
PC World reports, “The most vocal of Symantec’s critics has been Google. Over the last two years or so it has repeatedly criticized Symantec’s procedures for issuing the certificates, which are intended to secure and authenticate communications between websites and browsers, among other applications…In March, Google accused Symantec of mis-issuing at least 30,000 such certificates, potentially allowing attackers to masquerade as legitimate websites…Of particular concern are so-called Extended Validation (EV) certificates, for which issuers are supposed to take additional actions to authenticate the identity of the entity requesting them.”
The deal between Symantec and DigiCert is likely to close before the end of the year. DigiCert’s news release says- “The addition of Symantec’s website security solutions to DigiCert’s offerings will bring together the industry’s top talent and provide customers with an enhanced technology platform, unparalleled customer support and market-leading innovations. DigiCert will gain capabilities to take advantage of growth opportunities in IoT and bring new approaches to the SSL market. DigiCert will continue to operate from its headquarters in Lehi, Utah and will employ over 1,000 professionals.”
John Merril, the CEO of DigiCert, writes in a blog post- “Importantly, we feel confident that this agreement will satisfy the needs of the browser community. DigiCert is communicating this deal and its intentions to the browser community and will continue to work closely with them during the period leading up to our closing the transaction. DigiCert appreciates and shares the browsers’ commitment to engendering trust in digital certificates and protecting all users.”
Symantec’s competitors in the SSL market, however, are closely watching the developments and would even try to make the most of the situation. Bleepingcomputer.com says- “Comodo, Symantec’s main rival, is ecstatic about Symantec’s decision to offload its SSL issuance business.”