SIN 23Improper Use of PKI, Especially SSL
OVERVIEW OF THE SIN
Public Key Infrastructure, or PKI, is commonplace on the Internet. It’s used in SSL/TLS (hereinafter SSL) communications; it’s used in IPSec, smart-card logon, and secure e-mail using S/MIME. But it’s notoriously hard to get right.
From this point on, we will talk in terms of SSL because it is prevalent, but for most purposes, we’re really talking about PKI-related sins as a whole.
SSL, the Secure Sockets Layer (along with its successor, Transport Layer Security, or TLS), is the most popular means to create secure network connections. It’s widely used in Web browsers to secure potentially sensitive operations such as HTTP-based banking because from a user’s perspective, “it just ...
Get 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.