• Elliptic Curve Cryptograph (ECC) Demo

    Elliptic curve cryptography (ECC) for use on the Internet is gaining more support and interoperability amongst application developers. Entrust is proud to announce that ECC-based digital certificates are now supported by the full suite of Entrust Authority solutions. The promise of ECC is greater security for a given key length. This allows implementations to use smaller keys for equivalent security

        in SSL Deployment, Technical
    0
  • HTTPS Performance Tuning

    Following up my last post, “SSL is not computationally expensive anymore,” I noticed Google is still using a 1024-bit RSA certificate for Gmail. I did some digging and confirmed that the performance hit of using a 2048-bit RSA key is about five times that of 1024-bit key. So this could create a 5-10 percent load on CPU and network overhead

        in SSL Deployment, Technical
    0
  • SSL is not computationally expensive anymore

    A recurring theme in this blog is proper SSL deployment . One of the push backs that we hear is that SSL brings a lot of overhead, so it only gets deployed when absolutely necessary. Well, that myth was busted about a year ago when Google switched of Gmail to HTTPS. An article by Adam Langley of Google

        in SSL Deployment, Technical
    0
  • SSL Deployment Mistakes

    In June, Ivan Ristic of Qualys SSL Labs made a presentation at the OWASP AppSec Research 2010 conference called Breaking SSL: Why leave to others what you can do yourself? Ivan contends that “SSL is a rare application security area where we can make things virtually 100% secure, with relatively small effort.”  However, he also points out that deployment mistakes

        in EV SSL, SSL, SSL Deployment
    0
  • SSL is not computationally expensive anymore

    A recurring theme in this blog is proper SSL deployment . One of the push backs that we hear is that SSL brings a lot of overhead, so it only gets deployed when absolutely necessary. Well, that myth was busted about a year ago when Google switched of Gmail to HTTPS. An article by Adam Langley of Google

        in SSL Deployment, Technical
    0
  • SSL Deployment Mistakes

    In June, Ivan Ristic of Qualys SSL Labs made a presentation at the OWASP AppSec Research 2010 conference called Breaking SSL: Why leave to others what you can do yourself? Ivan contends that “SSL is a rare application security area where we can make things virtually 100% secure, with relatively small effort.”  However, he also points out that deployment mistakes

        in EV SSL, SSL, SSL Deployment
    0
Page 1 of 212