Techniques for fighting mis-issuance of TLS certificates The web has reached the tipping point where encrypted traffic – connections protected by HTTPS, which is HTTP over SSL/TLS – has overtaken unencrypted (HTTP) traffic. There are many reasons for this change, variously called HTTPS Everywhere or Always-On SSL, which we described in a previous FYI blog […]
Choosing amongst the different certificate types Imagine three brothers. The youngest is nimble, outgoing, and popular. He’s also growing very rapidly and will soon be the tallest in the family. The oldest is steady, thoughtful, and circumspect. He’s a high achiever, in a job with lots of responsibilities and makes loads of money. But what […]
We’ve written quite a lot in past FYI Blog posts about SSL/TLS certificates, the critical building block to secure communication on the Internet. We described what such certificates were, their use in securing the communications channel between a client (browser) and a server, different types of certificates and the pros and cons of using each. […]
Our latest “Ask Erik” question involves TLS delivery of email over SMTP. Hello! I read the “How Can You Tell if an Email Was Transmitted Using TLS Encryption?” article, and found it very helpful and informative! I am currently looking into Mail Chimp’s encryption practices. On their website they advertise “SSL Encryption”. I’m not sure […]
With the ever-increasing flow of large-scale hacks, many seem resigned to the fact that its only a matter of time before they get hit too. Security and its challenges have fully penetrated mainstream thought. Everyone knows that the CIA, the FBI, Russia, and even the hacker next door can break into your computer or phone, […]
