PKI Consortium blog

Posts by tag OpenSSL

Getting the Most Out of SSL Part 2: Configuration
June 29, 2013 by Ryan Hurst Attack CASC DH Forward Secrecy OpenSSL PKI RC4 RSA SSL/TLS TLS 1.0 TLS 1.2 Vulnerability
They say the most complicated skill is to be simple; despite SSL and HTTPS having been around for a long time, they still are not as simple as they could be. One of the reasons for this is that the security industry is constantly learning more about how to design and build secure systems; as a result, the protocols and software used to secure online services need to continuously evolve to keep up with the latest risks.

RSA Recap – Securing Your Site
March 8, 2013 by Ben Wilson BEAST CASC Encryption Firefox Hash Function HSTS OpenSSL Policy RSA SSL/TLS TLS 1.1 TLS 1.2 Vulnerability
At RSA last week a few of us participated in panel discussions that focused on SSL/TLS. During the panel that I moderated on Friday, one theme we addressed was secure server configuration. One of CASC’s goals is to help harden existing SSL/TLS implementations against vulnerabilities—because most SSL/TLS exploits arise from suboptimal website configurations. These vulnerabilities and attacks can be mitigated or even eliminated with proper server configuration and good website design.

Participate in our community discussions and/or join the consortium