Moxie Marlinspike presented on a "new" way of attacking SSL at the Black Hat security conference on Wednesday. His tool, called SSLstrip, exploits the interface between http and https sessions using techniques that have existed for years. How does it work and what is the solution?
Who watches the watchers? Every Certification Authority undergoes a stringent audit called the AICPA/CICA WebTrust Program for Certification Authorities which ensures that they are following certain procedures and security policies.
Press release about the growth of Go Daddy in the SSL Certificate market.
Press release about DigiCert's Unified Communications and Wildcard products and their Easy CSR Command Generators.
It seems that no one is immune to letting an SSL certificate expire. Not even VeriSign, the largest provider of SSL certificates.
Learn more about SSL VPN Servers and how they can give you a revolutionary way to securely access your files and applications anywhere in the world.
The newly discovered vulnerability in using MD5 signatures for SSL certificates has many people wondering about the security of their web sites and the security of other sites they visit on the Internet. You can check the security of the SSL Certificate installed on your website using this tool.
New research published today demonstrates how someone could use a weakness in the MD5 signatures allow people to make fake SSL certificates that look like they were signed by a real certificate authority. How big of a problem is it?
How does VeriSign compare to other SSL providers? A Youtube commercial explains in comedic fashion.
Unethical business practices of an SSL Certificate reseller have been exposed and it is causing many to wonder about the security and practices of SSL providers.