• Chrome Shows SSL Warning for Non-FQDNs

    Entrust completed an internal test recently and was surprised by a warning from Google Chrome version 30. The test case has a Web server with a non-fully registered domain name (non-FQDN) and an SSL certificate from a publicly trusted certification authority (CA). The Chrome browser put an ‘X’ through the lock icon and a cross through ‘https.’ The warning states

        in Secure Browsing, SSL
    0
  • HTTPS Everywhere 3.0

    The Electronic Frontier Foundation (EFF) has released HTTPS Everywhere 3.0.

        in Secure Browsing, SSL
    0
  • Stopping CRIME Attacks

    This article by Dan Goodin appears to cover the most facts about the CRIME attack on SSL/TLS. It answers my first question about what the acronym means; CRIME is short for “Compression Ratio Info-Leak Made Easy.” It also confirms the attack is performed when the communication uses TLS compression. My understanding is that TLS compression is used in SPDY, which

        in Secure Browsing, SSL
    0
  • Speculation on CRIME

    The SSL industry is waiting for the Ekoparty Security Conference next week to find out more details on the CRIME SSL/TLS attack. Speculation by SSL/TLS experts? The attack is based on TLS compression. Thomas Pornin made this post on IT Security of his guesses on how compression could be used in an attack. This also ties in with the reports

        in Secure Browsing, SSL
    0
  • Stopping CRIME Attacks

    This article by Dan Goodin appears to cover the most facts about the CRIME attack on SSL/TLS. It answers my first question about what the acronym means; CRIME is short for “Compression Ratio Info-Leak Made Easy.” It also confirms the attack is performed when the communication uses TLS compression. My understanding is that TLS compression is used in SPDY, which

        in Secure Browsing, SSL
    0
  • Speculation on CRIME

    The SSL industry is waiting for the Ekoparty Security Conference next week to find out more details on the CRIME SSL/TLS attack. Speculation by SSL/TLS experts? The attack is based on TLS compression. Thomas Pornin made this post on IT Security of his guesses on how compression could be used in an attack. This also ties in with the reports

        in Secure Browsing, SSL
    0
Page 1 of 4123...»»