Firefox 3's Site Identification button
Deb Richardson from Mozilla explains Firefox 3's new Site Identification button and how it helps users recognize trusted web sites and avoid untrusted sites.
Choosing an SSL Provider on Slashdot
A user on AskSlashdot asked about how to pick a SSL Certificate Provider. There were a variety of answers.
XSS and the 'Green Bar'
Larry Seltzer ponders on how the use of EV SSL Certificates might cause more XSS issues and offers a potential solutions.
Say No To SGC SSL Certificates
SGC SSL Certificates, which enable older browsers to connect to a site using 128-bit encryption even if the normal browser encryption rate is 40-bit, seem to provide a great advantage to many sites. But are they actually causing more harm than good?
PayPal: unsecure browsers = cars without seatbelts
PayPal, the most attacked company in phishing attacks, is planning to block users who use older, unsecured browsers that don't have anti-phishing protection.
New phishing attack pretends to create a personal certificate
A new phishing attack, imitating the Bank of America website, tries to gain users trust by claiming to create a personal certificate to be authenticated by.
EV SSL Info from Net.Finance
Tim Callan recently answered several questions about EV SSL Certificates at Net.Finance in Scottsdale, Arizona.
VeriSign Secured Seal increases sales by 31%
VeriSign has posted a story about how one retailer increased their sales by 31% just by displaying a site seal.
New Certificate Auto-Installation Tools from Comodo
Comodo posted a press released about a new technology that can automatically generate a private key and CSR on the server and then automatically install the certificate once it is issued. This has the potential to make many certificate installation processes much simpler.
Is PCI Compliance working?
PCI Compliance, the credit card industry's standard for helping vendors avoid threats, is playing a big role is making credit card processing systems more secure. But does it really work?