Perhaps the most important thing to understand about the SSL/TLS/HTTPS system that secures websites is that you are not supposed to understand it. I say this as a follow-up to my last blog, which ...

If you’ve followed the steps we laid out in our initial feature, you’ve got a safe Nginx server all set up and working. It’s serving your static pages without any issue. We don’t yet have a database, ...

SSL offload to GPU's died about a decade ago, when AES-NI became a meaningful thing. You can do line rate 10G AES on a single cores worth of AES-NI in x86 land, taking the latency hit of pushing that ...

The ‘CRIME’ attack announced last week exploits the data compression scheme used by the TLS (Transport Layer Security) and SPDY protocols to decrypt user authentication cookies from HTTPS (HTTP Secure ...

SSL and its descendent, TLS, are protocols that encrypt internet traffic, making secure internet communication and ecommerce possible. The decades-long history of these protocols has been marked by ...

SSL and TLS are similar technologies because they share a codebase, though one is better than the other. In fact, one is dead and the other still reigns supreme to the time this day. By end of this ...

Do you know what SSL protocols you expose to your users? Are your settings optimized for security? Have you properly deprecated older TLS certs? Here's what you need to know. Most of us take Secured ...

The Internet Engineering Task Force (IETF) has approved version 1.3 of the Transport Layer Security (TLS), the key protocol that enables HTTPS on the web. TLS 1.3 was approved by engineers at an IETF ...

Twitter has begun enforcing HTTPS connections between applications and its API. UPDATE: As of yesterday, Twitter’s application programming interface (API) will only recognize traffic traveling via ...

An absurd number of CMS plugins and PHP libraries are disabling SSL/TLS certificate validation on purpose, and by doing so, they're putting millions of internet users at great risk. To make matters ...