IMPROPER USE OF PKI, ESPECIALLY SSL


Please sign in to view the rest of this entry.

IMPROPER USE OF PKI, ESPECIALLY SSL
1011404IMPROPER USE OF PKI, ESPECIALLY SSL
<anchor role="natural" id="p2001b4bf9980348"></anchor><emphasis role="bold">OVERVIEW OF THE SIN</emphasis> Public Key Infrastructure, or PKI, is commonplace on the Internet. It’s used in SSL/TLS (hereinafter SSL) communications; it’s used in IPSec, smart-card logon, and secure e-mail using S/MIME. But it’s notoriously hard to get right. From this point on, we will talk in terms of SSL because it is prevalent, but for most purpose…
Citation
Michael Howard; David LeBlanc; John Viega: 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. IMPROPER USE OF PKI, ESPECIALLY SSL, Chapter (McGraw-Hill Professional, 2010), AccessEngineering Export