Here is a monthly SSL review of discussions about SSL (and possibly other digital certificates) from the last month.
Entrust Identity ON discussed the following:
CA Security Council discussed the following:
- Always-On SSL, Part II
- Ten Steps to Take If Your Website Is Compromised
- Pros and Cons of Single-Domain, Multi-Domain, and Wildcard Certificates
Big News in February
The Apple SSL bug was big news in February. The story was released, there was some speculation on how it happened, some self-tests provided and even a suggestion that this is a good way to attack a product:
- Adam Langley of ImperialViolet let everyone know about the Apple SSL/TLS bug.
- Ivan Ristić provided testing for the Apple TLS authentication bug.
- Bruce Schneier discusses if the Apple iOS flaw was deliberate.
Some Other Items:
Netcraft discovered fake SSL certificates deployed across the Internet.
Langley discussed TLS Symmetric Crypto.
How-To-Geek discusses problems with HTTPS and SSL security.