24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them by John Viega, David LeBlanc, Michael Howard

SIN 23: Improper Use of PKI, Especially SSL

OVERVIEW OF THE SIN

Public Key Infrastructure, or PKI, is commonplace on the Internet. It’s used in SSL/TLS (hereinafter SSL) communications; it’s used in IPSec, smart-card logon, and secure e-mail using S/MIME. But it’s notoriously hard to get right.

From this point on, we will talk in terms of SSL because it is prevalent, but for most purposes, we’re really talking about PKI-related sins as a whole.

SSL, the Secure Sockets Layer (along with its successor, Transport Layer Security, or TLS), is the most popular means to create secure network connections. It’s widely used in Web browsers to secure potentially sensitive operations such as HTTP-based banking because from a user’s perspective, “it just ...
