" ssl Archives - Page 3 of 6 - LuxSci

Posts Tagged ‘ssl’

What’s the latest with HTTPS and SSL/TLS Certificates?

Wednesday, August 2nd, 2017

We’ve written quite a lot in past FYI Blog posts about SSL/TLS certificates, the critical building block to secure communication on the Internet. We described what such certificates were, their use in securing the communications channel between a client (browser) and a server, different types of certificates and the pros and cons of using each.

Given the changes in the Internet landscape over the past five years, we feel it is time to revisit these topics. The technical details described in the earlier posts remain unchanged. What has changed, though, are the traffic patterns for HTTPS-based communications, additional vulnerabilities arising as a consequence and ways to mitigate these. This post will provide a general overview of certain changes in the Internet landscape over the past few years, while subsequent blog posts will describe some of the topics identified here in greater detail.SSL TLS Certificates

Read the rest of this post »

Tags: certificate transparancy, google, http/2, https, Lets Encrypt, ssl, tls
Posted in LuxSci Library: Security and Privacy
No comments »

What is really protected by SSL and TLS?

Saturday, April 8th, 2017

This question came in via Ask Erik:

Hi Erik,

I stumbled upon your blog while trying to learn a little about SSL/TLS in the context of client/server e-mail sessions, i.e. not web mail which I understand to be an HTTP session.  I am just an ordinary user with no special security needs but I find all this news about corporate and government surveillance to be troubling for both philosophical and practical reasons.  In any case my questions is quite simple.

My e-mail client, apple mail, and my e-mail service provider both support SSL so my e-mail exchanges between my computer and the server are encrypted.  I understand that I can’t control what happens with other e-mail servers.  What I am trying to understand is what does it mean to be encrypted?  When an e-mail leaves my computer how much of the message is encrypted?   Are the e-mail headers encrypted including the sender and recipient e-mail addresses.  I would assume so but nobody talks about the details.  What metadata trail does a user leave when using SSL/TLS.  Is it is as simple as the destination and sending IP address with everything else encrypted?  Reading Data and Goliath right now by Bruce Schneider which talks about a lot of this stuff but again doesn’t give quite enough detail.  At the end of the day I am trying to understand how much protection SSL really provides.

SSL (now TLS) protects data as it travels across the Internet. To understand in detail how SSL works, we recommend reading: How does Secure Socket Layer (SSL andTLS) work?  However, looking at how the protocol works can leave answers to some of these fundamental questions a little unclear.  Lets address them one by one.

SSL and TLS Security

Read the rest of this post »

Tags: email, server name indication, SNI, ssl, tls, TOR, vpn
Posted in LuxSci Library: Security and Privacy
No comments »

Infographic – SSL vs TLS: What is the Difference?

Friday, October 9th, 2015

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are foundations of security on the Internet.  However, between colloquial usage and the relationship between these security protocols, there is a lot of confusion regarding how they are related, how they are different, and what to use in what situation.

For a detailed analysis of these differences and similarities, see: TLS versus SSL: What is the Difference?

The following infographic simplifies and summarizes the comparison.

Read the rest of this post »

Tags: ciphers, secure sockets layer, ssl, ssl v3.0, tls, tls v1.0, transport layer security
Posted in Dedicated & Cloud Servers, LuxSci Library: Security and Privacy
No comments »

Enable HSTS (HTTP Strict Transport Security) at LuxSci

Monday, April 27th, 2015

HSTS (HTTP Strict Transport Security) protects your secure web site against “security downgrade attacks”.  E.g. it stops people from accessing insecure versions of your site or pages when secure versions are available.  This, in turn, helps prevent man-in-the-middle and other types of attacks on people using your web site.  HSTS is a very simple and very powerful tool that you can use to lock down the web site security provided by your SSL certificate.

LuxSci web hosting customers with SSL can now enable HSTS for their sites by simply checking the HSTS box in their web site configuration area. 

What are the benefits of HTTP Strict Transport Security?

They are many. HSTS can

Read the rest of this post »

Tags: HSTS, ssl, Strict Transport Security
Posted in LuxSci Library: Security and Privacy
No comments »

The Case For Email Security

Tuesday, March 31st, 2015

We all know that regular email is insecure; however, it may surprise you to learn just how insecure it really is. For example, did you know that messages you deleted years ago may be on servers halfway around the world? Or that your messages can sometimes be read and modified in transit, even before they reach their destination? Did you know that forging email is very, very easy? Can you trust what you read in an email? Email was not designed with security in mind, and as a result, many different solutions have evolved to plug the multitude of resulting issues.

This article will explain how email works, what the real email security issues are, what mitigations to these are generally in use, and what else you can do to protect your email.

Case for Email Security

Information security and integrity are essential as we use email to send confidential and sensitive information over this medium every day. While reading this article, imagine how these security problems could affect your business, your personal life, and your identity if they have not already.

Read the rest of this post »

Tags: asymmetric encryption, eavesdropping, email security, false messages, http, identity theft, imap, invasion of privacy, message modification, Message Replay, opportunistic TLS, pgp, pop, repudiation, s/mime, Simple Mail Transport Protocol, smtp, SMTP relaying, smtp server, ssl, ssl certificate, symmetric encryption, tls, Unprotected Backups
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy
14 Comments »

« Older Entries
Newer Entries »