SSL News

Is it "trivially easy" to get a cert for a domain you don't own?

April 1, 2010

Betanews just published a story about a security researcher who claims that it is "trivially easy" to get an SSL certificate for a domain you don't own, thereby claiming that certificate authorities are useless. Is this true?

Certified Hype: Government Interception Attacks Against SSL

March 26, 2010

Two researchers, Christopher Soghoian and Sid Stamm, recently released a paper explaining the possibility of a government interception attack against. While insightful in some ways, it is mostly sensationalist hype that shouldn't cause any alarm.

Explanation from HSBC on why they use EV certificates

March 9, 2010

Watch the HSBC video and see how HSBC increases security and consumer confidence with VeriSign Extended Validation (EV) SSL Certificates. With more than 80 million customers worldwide accessing 2,000 HSBC Web sites and a rapidly growing demand on internet banking services, there is a constant focus on accessibility, usability and deliverability. That's why HSBC chose VeriSign as its EV SSL security provider.

Do I Need An SSL Certificate For My Website?

March 6, 2010

You’ve probably heard of 128-bit encryption, or seen the green address bar of an EV SSL certificate, and now you’re wondering “Do I need an SSL certificate on my site?”

Cheap SSL Providers (Who is the cheapest SSL Provider?)

January 23, 2010

Looking for a cheap SSL provider? Using our database of certificates from the major SSL providers, we have calculated the average cost per certificate.

How to Render SSL Useless

January 14, 2010

Today, Ivan Ristic gave an interesting presentation at OWASP London entitled "How to Render SSL Useless" including the Top 11 SSL deployment mistakes that render SSL useless.

12 Critical Tips for Safe Online-Shopping During the Holidays

December 10, 2009

Entrust writes a press release about 12 ways to stay safe when shopping online this holiday season.

MashSSL Alliance Formed to Promote Open Standard for Trust Establishment Between Web Applications

November 12, 2009

Industry Leaders Including Comodo, DigiCert, Entrust and VeriSign Join Forces to Create Open Standard Based on MashSSL Technology Developed by Application Authentication Pioneer SafeMashups

idAlliance Corporation Releases iManageCerts(TM) Certificate Management Tool

November 12, 2009

iManageCerts provides organizations with monitoring and maintaining of SSL Certificates and preventing expiration outages.

SSL and TLS Renegotiation Vulnerability Discovered

November 5, 2009

Details of a new vulnerability involving SSL and TLS has been discovered. The vulnerability involves a flaw in renegotiation and allows man-in-the-middle attackers to surreptitiously introduce text at the beginning of an SSL session.