• IETF 86 – Web PKI Working Group

    At the IETF 86 meeting in Orlando last week, there was a working group meeting discussing the operations of the Web PKI. At the previous IETF 85 meeting a birds-of-a-feather was held to discuss the purpose of having such a group.

        in Secure Browsing, SSL, SSL Deployment
    0
  • CRIME Attack on SSL/TLS

    The security researchers who brought us BEAST now have a new SSL/TLS attack: CRIME. I would like to know what the acronym CRIME stands for, but we’ll probably have to wait until Juliano Rizzo and Thai Duong present their work at Ekoparty Security Conference later this month. Little information about the attack has been published. The attack exploits an SSL/TLS

        in Secure Browsing, SSL
    0
  • SSL News from Black Hat and DEF CON

    I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred in 2012? Nothing. Well, at

        in Secure Browsing, SSL, SSL Deployment
    0
  • Phishing with SSL

    I read an article from Netcraft about Phishing on sites using SSL certificates. It reminded me that the industry has been working on anti-phishing for many years. In 2005, the SSL industry created the CA/Browser Forum. One of the issues was to create a new SSL certificate that would fight phishing. The result was the Extended Validation (EV) SSL certificate.

        in Secure Browsing, SSL
    0
  • SSL News from Black Hat and DEF CON

    I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred in 2012? Nothing. Well, at

        in Secure Browsing, SSL, SSL Deployment
    0
  • Phishing with SSL

    I read an article from Netcraft about Phishing on sites using SSL certificates. It reminded me that the industry has been working on anti-phishing for many years. In 2005, the SSL industry created the CA/Browser Forum. One of the issues was to create a new SSL certificate that would fight phishing. The result was the Extended Validation (EV) SSL certificate.

        in Secure Browsing, SSL
    0
Page 1 of 3123