
Authoritative.
Strategic.

A pair of security researchers have proposed an extension to the Transport Layer Security (TLS) protocol that would allow browsers to detect and block fraudulently-issued SSL certificates.
Data at rest has long been protected by technology called public key infrastructure (PKI), in which data is encrypted when it's created by a public key and only decrypted, in theory, by an authorized person holding the private key. But extending this type of data protection to the cloud can be complicated.
The Electronic Frontier Foundation (EFF) is proposing an extension to the current SSL chain of trust that aims to improve the security of HTTPS and other secure communication protocols.
GlobalSign expects to bring its certificate-issuing systems back online on Monday, and resume business Tuesday, it said over the weekend. The U.S. certificate authority (CA) stopped issuing new SSL certificates last Tuesday in order to audit its security, after being named as a target by the hacker who claimed to have attacked Dutch CA DigiNotar.
Iranian internet users whose security may have been compromised by the forged Google.com digital certificate could number in the hundreds of thousands. An interim report (PDF) commissioned by DigiNotar, the certification authority (CA) at the centre of the hacking incident, also reveals lax security at the Dutch firm.
Social media may have changed the way we do business, but the rules of engagement are still the same. Dynamic business environments call for flexibility. Context is everything when it ...
Developed by the CIO executive Council, Pathways is a unique, flexible, self-managed, self-paced 12-month CIO designed and delivered ...