Who Do You Trust with SSL?
The SSL system helps to protect secure communications across the Internet. It's also a technology that relies on trust; specifically, the trust of the SSL Certificate Authority (CA), which may not always be trustworthy, according to security researcher Moxie Marlinspike.
Speaking at the Black Hat security conference, Marlinspike detailed issues with the current CA system and proposed a new system to replace it.
The need to replace the CA system according to Marlinspike was highlighted by the recent attack on CA provider Comodo in March. Marlinspike noted that Comodo is the second largest CA in the world and the attack was able to do a lot of damage. Comodo officially blamed Iran for the attack.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.