Sunday, 08 August 2010

EFF SSL Observatory

The EFF[1] has an interesting project going on - an SSL Observatory [2]. They've collected a fairly large set of SSL certificates from various (public) IPs that are running an SSL-enabled HTTPS server on port 443, and then analyzed various aspects of those certificates. It is a very nice study and points out how many "poorly" implemented SSL servers there are out there. They also mention some bits (pun intended) about the Debian SSL [3,4] issue. The accompanying presentations (PDFs, [5] and [6]) are very nice reads as well. Thanks to LWN [7] for pointing this out.

URL[1]: https://www.eff.org/
URL[2]: https://www.eff.org/observatory
URL[3]: http://digitaloffense.net/tools/debian-openssl/
URL[4]: http://wiki.debian.org/SSLkeys
URL[5]: https://www.eff.org/files/DefconSSLiverse.pdf
URL[6]: https://www.eff.org/files/map-of-CAs.pdf
URL[7]: http://lwn.net/Articles/398857/
