SSL News
More Discussion About How Firefox 3 Handles SSL Certificates
Though it has been talked about many times before, several sites, including Slashdot, continue to discuss whether Firefox 3 handles invalid SSL certificates in the right way.
KeyCzar, an open source cryptographic toolkit is released
The Google Security Team has developed and released an open source cryptographic toolkit that makes it easier and safer for developers to use cryptography in their applications.
Over 50% of browsers can now use EV SSL Certificates
VeriSign has posted about a statistic that means good news for EV certificates and consumers in general: Over 50% of browsers can now use EV SSL Certificates
Firefox 3 developer explains "broken" SSL error pages
Johnathan Nightingale, a user interface developer for Firefox, has responded to the criticisms of the way that self-signed certificates are handled in Firefox 3.
Kaminsky DNS Flaw + Domain Validated SSL = Phisher's Paradise
The recent news about a DNS flaw discovered by Dan Kaminsky has been highly publicized and the details of the flaw have even been released. How does this new flaw open up phishing attacks using Domain Validated SSL Certificates?
Do EV Certificates Just Enhance The Bottom Line?
Mike Fratto posted an article in Information Week about how EV certificates don't increase trust. He claims that they only help line the pockets of certificate authorities like VeriSign.
Don’t be a Victim of DNS Security Holes
The details of the new DNS attack discovered by Dan Kaminsky were recently leaked. Make sure you are safe by checking whether your ISP's DNS servers are vulnerable.
Is Mozilla's SSL policy bad for the Web?
Nat Tuck Thu has posted about how Mozilla's policy of displaying harsh warning when a site uses an untrusted certificate is causing many sites to not use SSL when they should be.
GlobalSign Launches SSL Deployment Technology
GlobalSign leading provider of online security solutions, has announced "AutoCSR" and "One-Click SSL" two new SSL deployment technologies that will revolutionize the way hosting companies provision SSL Certificates to hosting customers.
What Would It Take To Have Open CA Authorities?
The Slashdot crowd has opened a discussion about the possibility of a free, open Certificate Authority. A few pointed out the currently free alternative CAs and their problems while many brought it back to the purpose of SSL and a Public Key Infrastructure.
