TLS Extended Master Secret Extension: Fixing a Hole in TLS

  • 11 November 2015
  • 0 replies
  • 78 views

Userlevel 7
Badge +54
Craig Young 
Nov 11, 2015
 
                                                    http://www.tripwire.com/state-of-security/wp-content/uploads/cache//shutterstock_285461906/2098136929.jpg
 
Few Internet technologies are relied upon as heavily as TLS/SSL, yet it has been widely known for years that this fundamental security protocol does not do enough to effectively protect communications.
 
The most visible failing of TLS is the reliance on public key infrastructure (PKI) in which every certification authority (CA) becomes a potential single point of failure. Between CAs improperly issuing certificates for reserved names, getting hacked, and others simply issuing rogue certificates for trusted web sites, there is a massive problem threatening to undermine confidence in the web.
 
Full Article

0 replies

Be the first to reply!

Reply