We have previously written about the different types of SSL certificates, but in that article we focused on validation levels. A recent post on LinkedIn highlighted the fact that …
Google
Netcraft has published an article stating they have found many bogus SSL certificates. In this case, a bogus certificate is self-signed (i.e., not issued from a legitimate …
After the news broke that 40 million credit card numbers were stolen from Target in a data breach of epic proportions, many of their customers went to work checking their accounts …
SSL/TLS
The SSL/TLS protocol has more to offer than just providing you with transmission encryption. Its main benefit is that it provides a way for third parties to authenticate …
SSL/TLS
Previously, we advised that the SSL industry must move to the SHA-2 hashing algorithm for certificate signatures. We thought it would be helpful to provide the reasoning behind the …
CS
Microsoft
“CA Day” (also known as CA Conformity Assessment) was hosted by the German company TuVIT in Berlin on January 16, 2014. In attendance were approximately 100 people from mostly …
Mixed Content
There is no doubt that content owners and publishers have a duty to encourage trust and the confidence during internet usage by adopting security best practices. If a customer …
We have seen recently that Google detected that publicly trusted TLS/(SSL) certificates had been created for Google domains without having been requested by Google themselves. The …
Code Signing
Looking Back at 2013 Protocol Attacks The year started with a couple of SSL/TLS protocol attacks: Lucky Thirteen and RC4 attack. Lucky Thirteen allows the …
After the CASC’s previous letter addressing ICANN’s proposal to delegate nearly 2000 new gTLDs for use on the public Internet, ICANN identified and initiated an extensive study on …
