DigiCert, a pioneering global provider of digital trust solutions, announced the release of its open-source Domain Control Validation (DCV) library, building on its contributions to the PKI community.
The release of the new library is designed to strengthen the domain validation process and reduce errors in certificate issuance. This latest release joins pkilint, another open-source tool from DigiCert that ensures certificates are accurate and comply with standards.
DigiCert’s open-source library
DCV process is vital for ensuring that only the owner of a domain can be issued a certificate for it
The DCV process is critical for ensuring that only the proven owner of a domain can be issued a certificate for it. Until now, many CAs have had to develop their own proprietary code to meet compliance requirements—a task that can be resource-intensive and inconsistent.
DigiCert’s open-source library solves this problem by providing a pre-vetted, standards-compliant solution that raises the bar for industry transparency and security.
New standard for transparency
“This library reflects our commitment to advancing the security and reliability of the internet,” said Deepika Chauhan, Chief Product Officer at DigiCert.
“By open-sourcing our DCV library, we’re not only sharing the tools we’ve refined over years of experience, but we’re also fostering trust and collaboration across the Web PKI community. We believe making this library available to everyone will set a new standard for transparency and compliance, ultimately benefiting the entire digital trust community.”
Key benefits of the open-source DCV library
- Compliant DCV Practices: Offers CAs a robust, pre-built solution for performing domain control validation in alignment with industry standards, eliminating the need to create and maintain proprietary code.
- Enhanced Transparency: Open access allows the global community to review, test, and validate the code, fostering trust and collaboration.
- Community-Driven Hardening: Public scrutiny will identify and mitigate vulnerabilities, further strengthening the library’s security and efficiency for DigiCert and other users.
Two critical challenges
The release of DigiCert’s DCV library is an industry first for the certificate authority ecosystem. While open-source PKI solutions are not new, no organisation has specifically open-sourced a dedicated DCV library until now. This initiative addresses two critical challenges:
- Accessible, Scalable Implementation: The library provides developers with an open, transparent, and scalable solution for domain control validation. Many certificate authorities lack the resources to develop and maintain a robust, field-tested implementation of this critical digital trust process, making the library an invaluable option.
- Enhanced Security Through Community Scrutiny: As the first open-source DCV implementation, the library invites widespread industry scrutiny, enabling vulnerabilities and other bugs to be identified and addressed more quickly. Closed-source implementations often leave risks undetected for years due to limited testing resources. By fostering collaboration and accountability, this initiative strengthens digital trust across the ecosystem, incentivising CAs and developers to ensure the library meets the highest standards of quality and security.
Expanding the commitment to the Web PKI community
The open-source DCV library builds on DigiCert’s legacy of leadership in advancing transparency and best practices within the Web PKI space.
Just as DigiCert has enhanced trust through innovations like Certificate Transparency and pkilint, this initiative represents another step forward in safeguarding the integrity of the internet.
