Certificate Pinning

(get it in RSS or Atom)

Monday review - the hot 15 stories of the week

Monday review

It's weekly roundup time. Here's all the great stuff we've written in the past seven days.

Turkish Certificate Authority screwup leads to attempted Google impersonation

shutterstock_brokenpadlock250

Another Certificate Authority has been caught out having issued certificates that were being used to impersonate Google. Does the SSL padlock not mean we are safe anymore?

SSL certificate safety bolstered by standards that lessen dependence on CAs

SSL certificate safety bolstered by standards that lessen dependence on CAs

Two new proposals have been submitted to the IETF attempting to fix some of the trust problems inherent in the current SSL certificate system used to secure our online communications.