• Google Rethinks Revocation

    Google has decided in Chrome that they’re going to take a different approach to certificate revocation. Chrome developer Adam Langley describes the decision in detail in his blog, Imperial Violet. Unlike a number of CAs, we think this is a pretty good idea, even if incompletely executed so far. Revocation is a difficult task. It is difficult because it requires

        in Certificate Management, SSL
    0
  • Don’t fear the BEAST

    A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection. Before I discuss it at length, let me cut to the chase on it. Q: Is this something that you need to worry about? A: No. Here’s a slightly more detailed explanation. The

        in Secure Browsing, SSL
    0
  • Why Your Browser Matters

    Over the past couple of weeks, the Online Trust Alliance (OTA) and Microsoft have launched campaigns promoting the use of modern browsers. OTA’s campaign, “Why Your Browser Matters,” provides tools and resources to help website operators provide user education on the value of keeping browsers current. What appears to be complementary to the OTA campaign is the Microsoft announcement of

        in Secure Browsing, SSL
    0
  • Online SSL Tools

    So you’ve gone to the trouble of buying and installing an SSL certificate.  How do know you installed it properly?  Some would just test the site by trying it with their browser. The problem is that Internet Explorer and Firefox validate the certificate path differently.  Firefox will install an intermediate certificate while IE doesn’t.  IE validates the shortest path, while

        in SSL Deployment
    0
  • Why Your Browser Matters

    Over the past couple of weeks, the Online Trust Alliance (OTA) and Microsoft have launched campaigns promoting the use of modern browsers. OTA’s campaign, “Why Your Browser Matters,” provides tools and resources to help website operators provide user education on the value of keeping browsers current. What appears to be complementary to the OTA campaign is the Microsoft announcement of

        in Secure Browsing, SSL
    0
  • Online SSL Tools

    So you’ve gone to the trouble of buying and installing an SSL certificate.  How do know you installed it properly?  Some would just test the site by trying it with their browser. The problem is that Internet Explorer and Firefox validate the certificate path differently.  Firefox will install an intermediate certificate while IE doesn’t.  IE validates the shortest path, while

        in SSL Deployment
    0