SSL News
How to Create and Install an Apache Self Signed Certificate
Learn how to create an Apache self signed certificate to secure your Apache web server with SSL for free.
Symantec Completes Acquisition of VeriSign’s Security Business
Symantec Corp. today announced it has completed its acquisition of VeriSign’s identity and authentication business, which includes the Secure Sockets Layer (SSL) and Code Signing Certificate Services, the Managed Public Key Infrastructure (MPKI) Services, the VeriSign Trust Seal, the VeriSign Identity Protection (VIP) Authentication Service and the VIP Fraud Detection Service (FDS). The acquisition agreement between Symantec and VeriSign also included a majority stake in VeriSign Japan and was announced on May 19, 2010.
DEFCON Presentation: The EFF SSL Observatory
The Electronic Frontier Foundation recently gave a presentation about vulnerabilities in the public SSL landscape. It covered topics such as weak keys, and trust issues with subordinate CAs.
Venafi Encryption Director Applauded for Encryption Policy Management by SC Magazine
Venafi, Inc., the leading provider of automated encryption management solutions—including certificate management and enterprise key lifecycle management—was recently acknowledged for its industry leadership in Policy Management by SC Magazine.
VeriSign to Sell Authentication Services Business to Symantec for $1.28 Billion
VeriSign, Inc. today announced a definitive agreement to sell its Authentication Services business to Symantec Corp. (NASDAQ: SYMC) for approximately $1.28 billion in cash.
SSL For Newbs
What is SSL? Learn what every web developer should know about SSL and SSL certificates.
VeriSign Exceeds 2 Billion Certificate Checks in a Single Day
VeriSign exceeds 2 billion certificate checks in a single day. The milestone, which was reached on Monday, April 12, represents an average of 23,000 online validations a second.
Is it "trivially easy" to get a cert for a domain you don't own?
Betanews just published a story about a security researcher who claims that it is "trivially easy" to get an SSL certificate for a domain you don't own, thereby claiming that certificate authorities are useless. Is this true?
Certified Hype: Government Interception Attacks Against SSL
Two researchers, Christopher Soghoian and Sid Stamm, recently released a paper explaining the possibility of a government interception attack against. While insightful in some ways, it is mostly sensationalist hype that shouldn't cause any alarm.