Tag Archives: Opera

Should You Use SHA-2?

December 11, 2012 by Bruce Morton     1 Comment

A common question we receive from certificate customers: should we ask Entrust to sign our certificate with a signature using the SHA-2 hashing algorithm?

HSTS Update

July 16, 2012 by Bruce Morton     No Comments

HTTP Strict Transport Security (HSTS) will soon be finalized and available in an IETF standard. The request for comment (RFC) is at version 11 and the IESG has put out a last call for comments. HSTS is a security policy mechanism where a Web server tells a supporting browser that it can only connect to [Read More...]

Google Rethinks Revocation

March 7, 2012 by Jon Callas     No Comments

Google has decided in Chrome that they’re going to take a different approach to certificate revocation. Chrome developer Adam Langley describes the decision in detail in his blog, Imperial Violet. Unlike a number of CAs, we think this is a pretty good idea, even if incompletely executed so far. Revocation is a difficult task. It [Read More...]

Don’t fear the BEAST

October 25, 2011 by Jon Callas     No Comments

A few weeks ago, Juliano Rizzo and Thai Duong published a paper on an SSL attack that they call BEAST, which decrypts parts of an SSL connection. Before I discuss it at length, let me cut to the chase on it. Q: Is this something that you need to worry about? A: No. Here’s a [Read More...]

Filed Under: Secure Browsing, SSL Tagged With: Chrome, Firefox, IE

Why Your Browser Matters

October 13, 2011 by Bruce Morton     No Comments

Over the past couple of weeks, the Online Trust Alliance (OTA) and Microsoft have launched campaigns promoting the use of modern browsers. OTA’s campaign, “Why Your Browser Matters,” provides tools and resources to help website operators provide user education on the value of keeping browsers current. What appears to be complementary to the OTA campaign [Read More...]

Filed Under: Secure Browsing, SSL Tagged With: Firefox, Internet explorer, Microsoft

SSL Session Resume

June 28, 2011 by Bruce Morton     No Comments

Yngve Pettersen of Opera has written a great article on SSL Session Resume. The SSL session resumption feature in the SSL/TLS protocol allows multiple connections to use the same negotiated secret key data to calculate encryption keys for the connection. This allows a secure connection to be re-established very quickly with no loss of security, [Read More...]

Filed Under: SSL Deployment Tagged With: Performance, SSL

Online SSL Tools

September 14, 2010 by Bruce Morton     No Comments

So you’ve gone to the trouble of buying and installing an SSL certificate.  How do know you installed it properly?  Some would just test the site by trying it with their browser. The problem is that Internet Explorer and Firefox validate the certificate path differently.  Firefox will install an intermediate certificate while IE doesn’t.  IE [Read More...]

Filed Under: SSL Deployment Tagged With: Firefox, Internet explorer, OpenSSL