Server-Gated Cryptography (SGC) is a mechanism to negotiate a high level of cryptographic security SSL / TLS session based on the presence of a special certificate on the server side. The distribution of these certificates is controlled in accordance with export license from the US Department of Commerce. The SGC certificates are distinguished by a special extendedKeyUsage extension value.
SGC for years had been the safest method of data encryption. Its origins date back to the 1990s, when the US government came to Microsoft and Netscape - suppliers of the most popular browsers then - to order that those browsers on foreign markets assured encryption at a lower level. SGC went out to meet the needs of global markets, mainly financial ones, which needed a better encryption and allowed to increase the level of encryption of 40-56-bit to 128-bit encryption.
How did it work?
Web browsers of users who visited a site protected with SGC certificate, automatically were updated to a higher required level of encryption. Thus, the SGC ensured a high level of security regardless of what software a visitor used.
However, in 2000 the law was loosened, and since then the browser apply the higher encryption without the need for a Server-Gated Cryptography.
Cryptography technology and Internet security is changing, it is natural that changes occur in the certificates market.
In 2016, Comodo and DomenySSL abandoned certificates in this technology explaining that with a decrease in the number of users of older browsers drops the importance of SGC.
In fact, the use of browsers older than released after 2000 is negligible. For example, Internet Explorer 5.0 is now used by less than 0.5% of Internet users. And Netscape browser... who can still remember Netscape?
Is it worth to buy a certificate that covers just a small part of the market? It might be worth, but Comodo and DomenySSL already decided it's a bad idea.
cyber_Folks S.A. – Cookie settings