HPR1720: 15 Certificate Issues and Solutions

Last time we looked at some basics about how TLS and SSL work, and saw that this is basically an application of the same technology used to encrypt e-mails. But we also noted that there are some problems with this approach. We need to recognize that in security there is never a permanent solution, and that vulnerabilities are constantly being discovered, and ideally then being fixed. Some of these may involve highly technical issues about cryptographic methods, but I think the largest category of issues is about the processes around the use of certificates. For more go to https://www.zwilnik.com/?page_id=686

Links:

• https://en.wikipedia.org/wiki/Root_certificate
• https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/included/
• https://www.zdnet.com/microsoft-warns-of-fake-google-and-yahoo-domains-7000031463/
• https://nakedsecurity.sophos.com/2013/12/09/serious-security-google-finds-fake-but-trusted-ssl-certificates-for-its-domains-made-in-france/
• https://www.eff.org/deeplinks/2011/09/post-mortem-iranian-diginotar-attack
• https://en.wikipedia.org/wiki/Man-in-the-middle_attack
• https://www.eff.org/deeplinks/2011/09/post-mortem-iranian-diginotar-attack
• https://support.mozilla.org/en-US/questions/994708
• https://convergence.io/
• https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/
• https://www.duosecurity.com/
• https://www.certificate-transparency.org/what-is-ct
• https://en.wikipedia.org/wiki/Transport_Layer_Security
• https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
• https://en.wikipedia.org/wiki/OCSP_stapling
• https://www.zwilnik.com/?page_id=686

Comments

More Information...