SSL News

Perspectives: Extension to change how Firefox handles SSL Certificates

September 1, 2008

There has been plenty of debate lately about how Firefox handles self-signed SSL Certificates. Instead of just whining about it, some researchers at Carnegie Mellon have released a Firefox extension that changes how it handles SSL Certificates.

SSL Seminars and Podcasts

September 1, 2008

Tired of reading? Learn more about SSL and the Extended Validation SSL certificates using one of these seminars or podcasts.

Fallacies of evaluating EV

August 24, 2008

Tim Callan from VeriSign has posted about several fallacies that he encounters when discussing EV SSL Certificates.

Changes made by Google enable complete SSL encryption

August 24, 2008

Google recently enabled a feature that allows all traffic (including session cookies) to be transmitted securely.

More Discussion About How Firefox 3 Handles SSL Certificates

August 22, 2008

Though it has been talked about many times before, several sites, including Slashdot, continue to discuss whether Firefox 3 handles invalid SSL certificates in the right way.

KeyCzar, an open source cryptographic toolkit is released

August 18, 2008

The Google Security Team has developed and released an open source cryptographic toolkit that makes it easier and safer for developers to use cryptography in their applications.

Over 50% of browsers can now use EV SSL Certificates

August 18, 2008

VeriSign has posted about a statistic that means good news for EV certificates and consumers in general: Over 50% of browsers can now use EV SSL Certificates

Firefox 3 developer explains "broken" SSL error pages

August 10, 2008

Johnathan Nightingale, a user interface developer for Firefox, has responded to the criticisms of the way that self-signed certificates are handled in Firefox 3.

Kaminsky DNS Flaw + Domain Validated SSL = Phisher's Paradise

August 5, 2008

The recent news about a DNS flaw discovered by Dan Kaminsky has been highly publicized and the details of the flaw have even been released. How does this new flaw open up phishing attacks using Domain Validated SSL Certificates?

Do EV Certificates Just Enhance The Bottom Line?

August 5, 2008

Mike Fratto posted an article in Information Week about how EV certificates don't increase trust. He claims that they only help line the pockets of certificate authorities like VeriSign.