SSL Review: March 2014

Bruce Morton
Part 7 of 14 in the Series — SSL Review

Here is a monthly SSL review of discussions about SSL (and possibly other digital certificates) from the last month.

Entrust Identity ON discussed the following:

CA Security Council discussed the following:

Big News in February

The Apple SSL bug was big news in February. The story was released, there was some speculation on how it happened, some self-tests provided and even a suggestion that this is a good way to attack a product:

Some Other Items:

Netcraft discovered fake SSL certificates deployed across the Internet.

Langley discussed TLS Symmetric Crypto.

Ristić announced that his book on Bulletproof SSL/TLS and PKI is available for early access and preorder and how to check OCSP revocation using OpenSSL.

How-To-Geek discusses problems with HTTPS and SSL security.

Bruce Morton
Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.


Add to the Conversation