SSL News

Firefox 3 Released with EV Support

June 17, 2008

The new version of Firefox, Firefox 3, was released today. High on its list of important new features is its support for EV SSL certificates and other security features.

Detect Bad Debian OpenSSL Certificates Using Firefox

June 1, 2008

Márton Anka has created a Firefox extension that can recognize when a web site you are using has an SSL Certificate created using a flawed version of Debian's OpenSSL.

Lessons Learned from Debian's OpenSSL Flaw

May 26, 2008

Russ Cox has posted about the recent flaw that was found in Debian's version of OpenSSL and what programmers can learn from it.

XSS vulnerability found on PayPal

May 18, 2008

An XSS vulnerability has been discovered on a PayPal page that could enable attackers to make a fake page that steals users' personal information. EV Certificates are speculated to make the problem worse.

Woops! Debian's OpenSSL Security Flaw

May 18, 2008

Debian Linux has been revealed to have a major security flaw. The distribution changed its OpenSSL code and inadvertently made private keys easily crackable.

VeriSign Has Now Issued Over One Million SSL Certificates

May 18, 2008

VeriSign issued a press release stating that they have surpassed the one million mark for SSL Certificates.

Firefox 3's Site Identification button

May 11, 2008

Deb Richardson from Mozilla explains Firefox 3's new Site Identification button and how it helps users recognize trusted web sites and avoid untrusted sites.

Choosing an SSL Provider on Slashdot

May 4, 2008

A user on AskSlashdot asked about how to pick a SSL Certificate Provider. There were a variety of answers.

XSS and the 'Green Bar'

April 27, 2008

Larry Seltzer ponders on how the use of EV SSL Certificates might cause more XSS issues and offers a potential solutions.

Say No To SGC SSL Certificates

April 20, 2008

SGC SSL Certificates, which enable older browsers to connect to a site using 128-bit encryption even if the normal browser encryption rate is 40-bit, seem to provide a great advantage to many sites. But are they actually causing more harm than good?