Perfect Forward Secrecy
The topic of perfect forward secrecy has come up due to the alleged actions of NSA and PRISM. It has been reported the NSA has been able to trap website communications and then are able to search and review those communications at a future time. Users that use SSL were assuming their communications were secure. [Read More...]
Certificate Transparency Birds of a Feather
I was recently reminded by a couple of security researchers that SSL provides privacy, integrity and authenticity.
Living with HTTPS
Here is a post by Adam Langley, a transport security person at Google. These were his notes before a talk that he did at HOPE9 last week. HOPE stands for Hackers on planet Earth. Adam’s talk does not focus on CAs and certificates. His notes deal with HTTPS issues and he really pushes for the [Read More...]