SEARCH
Archive
Bug Forces Let’s Encrypt to Revoke Millions of Certificates
Let's Encrypt will revoke three million certificates because of a subtle bug in its server software that affected the way domain records were checked.
TLS Delegated Credentials to Protect Private Keys on Web Servers
Mozilla, Firefox, and Cloudflare team up to tackle a specific TLS security problem: what to do in CDN and large web deployments where the private key has to be installed on every web server. Delegated credentials are short-lived TLS private keys that are generated by the web server.
DROWN Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.
OpenSSL Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.