Security news that informs and inspires

Archive

5 results for tag TLS:

Browsers Will Block Sites Using Old Versions of TLS

Starting in March 2020, all the major web browsers—Firefox, Chrome, Safari, and Edge—will display warnings when users visit websites that only support Transport Layer Security (TLS) versions 1.0 or 1.1. Users will be unable to visit those sites.

TLS, Browser Security, SSL Security

TLS Delegated Credentials to Protect Private Keys on Web Servers

Mozilla, Firefox, and Cloudflare team up to tackle a specific TLS security problem: what to do in CDN and large web deployments where the private key has to be installed on every web server. Delegated credentials are short-lived TLS private keys that are generated by the web server.

TLS, SSL

Attackers Are Hiding By Tampering With Encrypted Web Traffic

Attackers are increasing their use of "cipher stunting," a technique that randomizes their SSL/TLS signatures, to obscure the malicious web traffic and make it harder to detect.

TLS, Bot

Facebook Open Sources Fizz For TLS 1.3 Deployments

TLS 1.3 has been approved, and Facebook has open sourced Fizz, a TLS 1.3 library, to help developers and server operators deploy TLS 1.3 for their mobile apps, services, and appliances such as load balancers

Facebook, TLS

New CA Focus on EV Certs Won’t Stop Phishing

The CA Security Council's London Protocol attempts to address the problem of phishing sites with legitimate SSL/TLS certificates, but the initiative perpetuates the myth that the pricier EV certificates are more secure than DV certificates.

SSL Certificates, TLS, Encryption, Certificate Authority