The new version of Firefox, Firefox 3, was released today. High on its list of important new features is its support for EV SSL certificates and other security features.
Márton Anka has created a Firefox extension that can recognize when a web site you are using has an SSL Certificate created using a flawed version of Debian's OpenSSL.
Russ Cox has posted about the recent flaw that was found in Debian's version of OpenSSL and what programmers can learn from it.
An XSS vulnerability has been discovered on a PayPal page that could enable attackers to make a fake page that steals users' personal information. EV Certificates are speculated to make the problem worse.
Debian Linux has been revealed to have a major security flaw. The distribution changed its OpenSSL code and inadvertently made private keys easily crackable.
VeriSign issued a press release stating that they have surpassed the one million mark for SSL Certificates.
Deb Richardson from Mozilla explains Firefox 3's new Site Identification button and how it helps users recognize trusted web sites and avoid untrusted sites.
A user on AskSlashdot asked about how to pick a SSL Certificate Provider. There were a variety of answers.
Larry Seltzer ponders on how the use of EV SSL Certificates might cause more XSS issues and offers a potential solutions.
SGC SSL Certificates, which enable older browsers to connect to a site using 128-bit encryption even if the normal browser encryption rate is 40-bit, seem to provide a great advantage to many sites. But are they actually causing more harm than good?