What is an idempotent request?

In computer science, an operation is idempotent if it can be performed multiple times without producing a result different from the first time it was run. For example, an HTTPS POST request that updates a counter in the database is not idempotent because it alters » Continue Reading.

What are downgrade attacks?

In software security, downgrade attacks are network attacks that force victims to use older, more vulnerable versions of software in order to exploit known vulnerabilities against them. This has been especially dangerous in TLS clients supporting both modern and earlier versions of TLS, the latter » Continue Reading.

What is HTTP Strict Transport Security (HSTS)?

HTTP Strict Transport Security (HSTS) is a web security policy mechanism designed to protect HTTPS websites against downgrade attacks and cookie hijacking. A web server configured to use HSTS instructs web browsers (or other client software) to use only HTTPS connections and disallows use of the HTTP protocol. This instruction is called the » Continue Reading.

What is a chain of trust?

A chain of trust is a linked path of verification and validation from an end-entity digital certificate to a root certificate authority (CA) that acts as a trust anchor.

Figure: Chain of trust for www.ssl.com, showing end-entity, intermediate, and root certificates.

In SSL/TLS, S/MIME, code signing, » Continue Reading.

What is elliptic curve cryptography (ECC)?

Elliptic curve cryptography (ECC) uses the mathematical properties of elliptic curves to produce public key cryptographic systems. Like all public-key cryptography, ECC is based on mathematical functions that are simple to compute in one direction, but very difficult to reverse. In the » Continue Reading.

What is a root store?

A root store is a list of trusted root CA certificates. A certificate authority (CA) uses one or more root certificates as trust anchors for the hierarchy of certificates the CA issues. A public-facing root store is usually maintained under the authority of a major » Continue Reading.