The Ultimate Study of Real-Life SSL Issues

Presented at Black Hat USA 2011, Aug. 3, 2011, 3:15 p.m. (25 minutes).

Big breaches make for interesting headlines, but in real life it's the small stuff that's breaking SSL for most web sites. This talk is the culmination of two years of work across three separate SSL Labs surveys, analysing virtually all SSL sites in the world. Using the hard data as a backdrop, we present the top challenges for the SSL ecosystem and give hints to how they should be approached. We pay special attention to the less-often mentioned issues, such as insecure session cookies, mixed content, incorrect site configuration, and distribution of trust to third-party web sites.


Presenters:

Links:

Similar Presentations: