SSL News

Moxie Marlinspike's New SSL Attack is Nothing New

February 22, 2009

Moxie Marlinspike presented on a "new" way of attacking SSL at the Black Hat security conference on Wednesday. His tool, called SSLstrip, exploits the interface between http and https sessions using techniques that have existed for years. How does it work and what is the solution?

What is WebTrust for CAs (Certification Authorities)?

February 16, 2009

Who watches the watchers? Every Certification Authority undergoes a stringent audit called the AICPA/CICA WebTrust Program for Certification Authorities which ensures that they are following certain procedures and security policies.

GoDaddy Captures 47 Percent of SSL Market

February 1, 2009

Press release about the growth of Go Daddy in the SSL Certificate market.

DigiCert SSL Certificate Products Offer Multiplicity, Affordability and Compatibility

February 1, 2009

Press release about DigiCert's Unified Communications and Wildcard products and their Easy CSR Command Generators.

VeriSign Forgets to Renew an SSL Certificate

January 25, 2009

It seems that no one is immune to letting an SSL certificate expire. Not even VeriSign, the largest provider of SSL certificates.

SSL VPN Servers

January 18, 2009

Learn more about SSL VPN Servers and how they can give you a revolutionary way to securely access your files and applications anywhere in the world.

Check SSL Certificates for the Vulnerable MD5 Algorithm

January 4, 2009

The newly discovered vulnerability in using MD5 signatures for SSL certificates has many people wondering about the security of their web sites and the security of other sites they visit on the Internet. You can check the security of the SSL Certificate installed on your website using this tool.

MD5 Weakness Allows Fake SSL Certificates To Be Created

December 30, 2008

New research published today demonstrates how someone could use a weakness in the MD5 signatures allow people to make fake SSL certificates that look like they were signed by a real certificate authority. How big of a problem is it?

VeriSign Vs. Non-VeriSign SSL Certificates

December 28, 2008

How does VeriSign compare to other SSL providers? A Youtube commercial explains in comedic fashion.

SSL Certificate for Mozilla.com Issued Without Validation

December 23, 2008

Unethical business practices of an SSL Certificate reseller have been exposed and it is causing many to wonder about the security and practices of SSL providers.