How To Render Ssl Useless (Owasp Sweden)
|
|
|
||||||||||||
Description:
This is the video of the presentation titled "How to Render SSL Useless" given by Ivan Ristic at OWASP Sweden this year.
He talks about the latest discovered threats in SSL and insecure deployment issues which include:
1. Inconsistent DNS configuration
2. Different sites on port 80 and 443
3. Self signed certificates
4. Not using EV certificates
5. Badly configured SSL servers
6. Using incomplete certificates
7. Mixing SSL and plain text on a site
8. Using SSL for important bits
9. Not using secure cookies
10. Mixed page content
The full presentation of his talk can be downloaded here.
He talks about the latest discovered threats in SSL and insecure deployment issues which include:
1. Inconsistent DNS configuration
2. Different sites on port 80 and 443
3. Self signed certificates
4. Not using EV certificates
5. Badly configured SSL servers
6. Using incomplete certificates
7. Mixing SSL and plain text on a site
8. Using SSL for important bits
9. Not using secure cookies
10. Mixed page content
The full presentation of his talk can be downloaded here.