November 2012 - Entrust, Inc. 1-8 of 8

SSL – Privacy, Integrity, Authenticity

November 29, 2012 by Bruce Morton
I was recently reminded by a couple of security researchers that SSL provides privacy, integrity and authenticity.

HSTS RFC Finalized

November 21, 2012 by Bruce Morton
HTTP Strict Transport Security (HSTS) has been finalized and published as RFC 6797. The purpose of HSTS is to allow a website to declare to complying users’ agents that they should interact with it using a secure connection such as HTTPS. In order to implement HSTS, a website must have a statement in its header, such [Read More...]

Facebook Steps up SSL Game

November 20, 2012 by Bruce Morton
A year and a half ago, I wrote a blog, Nice Try Facebook. This was my response to Facebook’s turning on of HTTPS for users. Probably a response to mitigate the new Firesheep attack. (BTW, happy second birthday Firesheep; more than 2.4 million downloads in two years.) My issue with Facebook was the HTTPS feature [Read More...]

Certificate Transparency Birds of a Feather

November 19, 2012 by Bruce Morton
I was recently reminded by a couple of security researchers that SSL provides privacy, integrity and authenticity.

Twitter Latest Victim of Weak Password Breach

November 12, 2012 by Mike Byrnes
Today, it’s Twitter who fell victim to a breach from weak passwords

Web PKI Birds of a Feather

November 7, 2012 by Bruce Morton
At the Internet Engineering Task Force (IETF) 85 conference, there was a Birds of a Feather (BoF) meeting on Web PKI operations.

Six Steps to Help SMBs Avoid Online Fraud, Financial Loss

November 6, 2012 by Mike Byrnes
Small-business (SMB) owners wear many hats and are pulled in many directions, they should take 15 minutes to do a little “homework” and benefit from the lesson Primary Systems learned the hard way.

Android SSL Problems

November 1, 2012 by Bruce Morton
There have been a lot of articles written recently about Android SSL problems for applications, which were recently reported by German university researchers.