CAs Support Standards and Regulations
There is an industry myth that certification authorities (CAs) are not regulated. In fact publicly-trusted SSL CAs support the development of industry regulations and have been audited annually to ensure compliance to the many requirements.
GRC has created HTTPS/SSL Fingerprints. This service allows you to check whether or not your enterprise is performing MITM on the SSL secured site that you are trying to reach. It compares the certificate fingerprint to what you would receive to the fingerprint that they receive by going direct. If they are the same, the certificate is authentic and you have no problem. If they are different, then it is likely that someone is performing MITM on your SSL connection.
SSL/TLS Deployment Best Practices
SSL Labs has created an SSL/TLS Deployment Best Practices guide. The guide contains valuable information on how to deploy SSL in your environment. The data from SSL Pulse shows us there are plenty of SSL implementations that could be executed more securely. These problems are not from the CA, the certificate, the browser or the [Read More...]