https://news.harica.gr/article/ Recent content in Articles on Harica Hugo -- gohugo.io Thu, 29 Jan 2026 12:11:14 +0300 https://news.harica.gr/article/tls-client-authenticaion/ Thu, 29 Jan 2026 12:11:14 +0300 https://news.harica.gr/article/tls-client-authenticaion/ Updated Feb 17, 2026 Important Notice: We would like to inform you that, following the recent updates to the Chrome Root Program Policy and the extension of the deprecation timeline for the TLS Client Authentication EKU in TLS Server certificates, HARICA will postpone the previously announced actions by approximately nine (9) months. The updated timeline will be communicated at a later date. Dear HARICA Subscribers, We are announcing an upcoming update to our Publicly-Trusted SSL/TLS Web Server Certificates. https://news.harica.gr/article/ocsp-deprecation/ Thu, 29 Jan 2026 12:10:14 +0300 https://news.harica.gr/article/ocsp-deprecation/ Dear HARICA Subscribers, Effective March 2, 2026, HARICA will officially deprecate the use of the Online Certificate Status Protocol (OCSP) for all newly issued publicly-trusted server TLS certificates, with exceptions made only for specific use cases where required. In accordance with evolving industry standards and browser requirements, certificates issued after this date will no longer contain an OCSP responder URL in the Authority Information Access (AIA) extension, by default. Instead, certificate revocation status will be managed exclusively through Certificate Revocation Lists (CRLs) and modern browser-native mechanisms. https://news.harica.gr/article/mpic_and_caa_checks/ Fri, 14 Mar 2025 12:10:14 +0300 https://news.harica.gr/article/mpic_and_caa_checks/ Multi-Perspective Issuance Corroboration (MPIC) Starting on March 15, 2025, HARICA will implement Multi-Perspective Issuance Corroboration (MPIC) for Domain Authorization, Control, and Certification Authority Authorization (CAA) Record checks before issuing any TLS Server Authentication Certificates, in accordance with CA/B Forum Baseline Requirements for TLS Server Certificates. With MPIC, DNS queries for Domain Validation and CAA checks must be verified from multiple, randomly distributed and distant locations across the Internet. If the information corroboration fails (up to a certain level), the certificate issuance will be blocked. https://news.harica.gr/article/code_signing_new_policy/ Sun, 21 May 2023 12:10:14 +0300 https://news.harica.gr/article/code_signing_new_policy/ According to CA/B Forum Baseline Requirements for the Issuance and Management of Publicly‐Trusted Code Signing Certificates and HARICA’s Certificate Policy and Certification Practices Statement for the Hellenic Academic and Research Institutions Public Key Infrastructure (CP/CPS), starting June 1, 2023, it will be mandatory for Code Signing Certificates to have their private keys stored in hardware devices such as tokens or Hardware Security Modules (HSMs) with at least security standard of FIPS 140-2 level 2 or Common Criteria EAL 4, following the existing requirements for Extended Validation Code Signing Certificates. https://news.harica.gr/article/announcement_kiwifarms/ Tue, 16 May 2023 14:08:14 +0300 https://news.harica.gr/article/announcement_kiwifarms/ HARICA supports the freedom of speech and expression, and the right for privacy which is why it invested time and effort to support and offer Onion certificates. This decision was welcomed by the Tor community. https://blog.torproject.org/tls-certificate-for-onion-site/ https://twitter.com/torproject/status/1374814543252049920?lang=el https://newsletter.torproject.org/archive/2021-03-31-onion-tls-petition-ban-biometric-surveillance/ https://community.torproject.org/onion-services/advanced/https/ https://www.facebook.com/TorProject/photos/a.10151472966454951/10161197452869951/?type=3 HARICA does not check or censor website content protected by its certificates. However, every CA must follow a process to handle complaints from Third Parties and Law enforcement authorities associated with HARICA-issued certificates. https://news.harica.gr/article/signature_validation/ Mon, 07 Nov 2022 13:00:00 +0300 https://news.harica.gr/article/signature_validation/ Decision 2015/1506/EU pursuant to Regulation (EU) 910/2014 (also known as eIDAS) has defined a number of baseline profiles (e.g. PAdES, XAdES, etc.) to ensure that electronic signatures can be created and validated anywhere in Europe. When a user performs a signing operation with Acrobat and tries to validate the signature at a later time using a signature validation software like DSS (Digital Signature Service) WebApp, either after the certificate’s expiration or revocation, the validation fails. https://news.harica.gr/article/harica_achievements/ Wed, 15 Jun 2022 13:10:14 +0300 https://news.harica.gr/article/harica_achievements/ Sky is the limit All of us involved in HARICA’s activities as a “Qualified Trust Service Provider (QTSP)” share a common philosophy that can be summed up in the words of Henry Ford: “If everyone moves forward in sync, then success comes naturally”. A few years ago, we decided to expand our activities beyond the Academic and Research boundaries. Since then, our projects have exceeded our initial expectations and we feel deeply honored to be trusted by high-profile leading organizations, institutions, public and private, in Greece, in Europe and in the rest of the world. https://news.harica.gr/article/2021_harica_tls_roots/ Mon, 30 May 2022 12:00:00 +0300 https://news.harica.gr/article/2021_harica_tls_roots/ We are pleased to announce that on the 1st of June 2022, HARICA will switch the issuance of SSL/TLS certificates to its 2021 Root TLS Certification Authorities. Both HARICA TLS RSA Root CA 2021 and HARICA TLS ECC Root CA 2021 are already pre-installed on Windows operating systems as well on macOS 12 providing the necessary trust anchor for Google Chrome, Microsoft Edge and other popular Internet Browsers. In addition, Mozilla Firefox has updated its Certificate Store with HARICA’s new RootsCAs. https://news.harica.gr/article/remote_esignature_offer/ Mon, 29 Nov 2021 12:00:00 +0300 https://news.harica.gr/article/remote_esignature_offer/ UPDATE Following the high demand for eSignatures, HARICA decided to extend the discount period till the end of February 2022. Why use a Qualified Electronic Signature? Use the electronic signature to digitally sign documents (PDF) and ensure the authenticity and integrity of their content. Since legally binding (cross-border in the European Union) you can use the electronic signature in: Contracts (sales, employment, lease, insurance, etc.) Transactions (e-commerce, online banking, tenders, etc. https://news.harica.gr/article/psd2/ Mon, 17 May 2021 13:10:14 +0300 https://news.harica.gr/article/psd2/ A solution for Financial Institutions and Payment Service Providers Are you a Financial Institution? Is your business dealing with electronic payment and open banking? Are you looking for security, privacy, and reliability for your electronic services across EU borders? According to the EU directive 2015/2366 (PSD2), you need a Qualified Web Authentication Certificate (QWAC) and/or Qualified Electronic Seal Certificate (QSealC). PSD2 at a glance Payment Service Directive 2 (PSD2) is the second revised directive of an existing Payment Service Directive from 2007. https://news.harica.gr/article/onion_announcement/ Mon, 26 Apr 2021 13:10:14 +0300 https://news.harica.gr/article/onion_announcement/ UPDATE Following the high demand for onion certificates, HARICA decided to extend the discount period till the end of August 2021. Great news for Onion fans! We are excited to announce that HARICA has started issuing Domain Validated (DV) certificates for v3 Onion websites. HARICA is a Publicly Trusted Certification Authority (CA) that participates in all major Global “ROOT CA” Trust Programs (360, Adobe, Apple, Microsoft, Mozilla, Oracle), and operates as a “Trust Anchor” in widely used Application Software and Operating Systems (Adobe, Apple, Google, Microsoft, Mozilla, Linux). https://news.harica.gr/article/success_story/ Sun, 25 Apr 2021 13:10:14 +0300 https://news.harica.gr/article/success_story/ Several years ago, an idea was born for an innovative (at the time) project based on the need for increased protection/security measures to encrypt communications over insecure networks, such as the Internet. A team of Information and Communication Engineers from various Greek Universities and Research Centers collaborated and created a Public Key Infrastructure (PKI) that served and covered the security needs of the Academic and Research Institutions of Greece for SSL/TLS server and S/MIME certificates. https://news.harica.gr/article/certificate_pinning/ Mon, 30 Nov 2020 14:08:14 +0300 https://news.harica.gr/article/certificate_pinning/ Dear HARICA subscribers, We recently became aware that some elements of our Certification Policy/Certificate Practice Statement related to Certificate Revocation have not been so clearly communicated to our Subscribers. This article attempts to describe some recommended practices for Subscribers, and some bad practices (to be avoided) in order to improve the overall security of the use of Publicly-Trusted Digital Certificates for the benefit of Relying Parties worldwide. Based on 4.9.1 Circumstances for revocation of HARICA’s Certificate Policy and Certification Practices Statement, by the time HARICA detects or receives a notification for a problematic certificate, must immediately inform the Subscriber.