Russ Cox has posted about the recent flaw that was found in Debian's version of OpenSSL and what programmers can learn from it.
An XSS vulnerability has been discovered on a PayPal page that could enable attackers to make a fake page that steals users' personal information. EV Certificates are speculated to make the problem worse.
Debian Linux has been revealed to have a major security flaw. The distribution changed its OpenSSL code and inadvertently made private keys easily crackable.
VeriSign issued a press release stating that they have surpassed the one million mark for SSL Certificates.
Deb Richardson from Mozilla explains Firefox 3's new Site Identification button and how it helps users recognize trusted web sites and avoid untrusted sites.
A user on AskSlashdot asked about how to pick a SSL Certificate Provider. There were a variety of answers.
Larry Seltzer ponders on how the use of EV SSL Certificates might cause more XSS issues and offers a potential solutions.
SGC SSL Certificates, which enable older browsers to connect to a site using 128-bit encryption even if the normal browser encryption rate is 40-bit, seem to provide a great advantage to many sites. But are they actually causing more harm than good?
PayPal, the most attacked company in phishing attacks, is planning to block users who use older, unsecured browsers that don't have anti-phishing protection.
A new phishing attack, imitating the Bank of America website, tries to gain users trust by claiming to create a personal certificate to be authenticated by.