Public Key Infrastructure (PKI) is kind of a big deal. It underpins widespread web encryption and the entire system of privacy and data protection across the Internet and many other public networks. In short, it’s what makes your SSL certificate work and helps keep your private information private on a daily basis. But what is it, exactly, and how does it work?
A team of researchers has recently discovered a vulnerability that can affect HTTPS and other services that utilize TLS or SSL. Known as the Raccoon Attack, this vulnerability specifically affects TLS 1.2 and earlier versions of the encryption protocol. Is it something the average website owner should worry about? (Spoiler: not really, but it’s always good to be informed.)
In today’s blog post we’re going to shed some light on two often mixed up technical terms. Although authentication and authorization sound somewhat similar with both being integral to online security processes, that’s where the similarities end. As it turns out, they serve quite different functions.
Generally, with every major browser update there comes a tightening of security measures, and rightly so. Google Chrome 86 is no exception. The newest version of the Chrome browser is set for release on October 6th, 2020, and will have a promising new feature — protecting users from dodgy text boxes.
Although Certificate Authorities (CAs) are central to the operation of the SSL industry and, in turn, the overall security of the Internet, casual Internet users probably don’t know a whole lot about them. They visit websites with HTTPS-enabled websites not realising the role CAs play in establishing that secure connection. Similarly, some website owners may buy an SSL certificate without really knowing where it came from.
The Coronavirus pandemic has been an unprecedented time in many ways. Beyond entire populations and societies having to adjust to deal with its impact, there has also been an unfortunate uptick in cyber crime related to the virus.
A point of confusion for many people is the difference between TLS and SSL certificates. It’s an understandable confusion, especially when you consider the fact that in 2020, SSL certificates actually work by using the TLS protocol. What exactly does all that mean?