How to fix SSL

Who’s on First?


We look at some new approaches to certificate verification.

As you are no doubt aware, some high-profile attacks and breakins have occurred against several SSL vendors, including Komodo, which signs about a fourth or a fifth of the world’s public SSL sites. These attacks come on top of other problems over the years, like SSL certificates being sold to people who have nothing to do with the actual administration of the site in question. All these attacks have one thing in common: They exploit the authenticity properties of certificates.