+1-888-690-2424
  • Updated SSL/TLS Deployment Best Practices

    First, I would like to than Ivan Ristic for his development of the SSL/TLS deployment Best Practices document. This is a simple overview of what a Web server administrator should consider in an SSL deployment. I am also looking forward to Ristic’s book, “Bulletproof SSL/TLS and PKI,” which hopefully will be released sometime soon. Version 1.3 of the best practices

        in SSL, SSL Deployment
    0
  • RC4, CBC, what the …?

    BEAST & Lucky Thirteen attacks said, “Prioritize RC4 cipher suite.” AlFBPPS attack said, “RC4 is old and crummy. CBC-mode would be better."

        in Certificate Management, Secure Browsing, SSL, SSL Deployment
    0
  • SSL News from Black Hat and DEF CON

    I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred in 2012? Nothing. Well, at

        in Secure Browsing, SSL, SSL Deployment
    0
  • BEAST and RC4

    In order to mitigate a BEAST attack, the advice is to prioritize RC4 cipher suites on your Web server to avoid the use of vulnerable cypher block chaining (CBC) suites. But how well do the clients support RC4? Ivan Ristić of Qualys did some tests at SSL Labs and saw that only 45 of 48,481 unique IP addresses (0.09 percent) did

        in SSL Deployment
    0
  • SSL News from Black Hat and DEF CON

    I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred in 2012? Nothing. Well, at

        in Secure Browsing, SSL, SSL Deployment
    0
  • BEAST and RC4

    In order to mitigate a BEAST attack, the advice is to prioritize RC4 cipher suites on your Web server to avoid the use of vulnerable cypher block chaining (CBC) suites. But how well do the clients support RC4? Ivan Ristić of Qualys did some tests at SSL Labs and saw that only 45 of 48,481 unique IP addresses (0.09 percent) did

        in SSL Deployment
    0