Search Results

What is an idempotent request?

In computer science, an operation is idempotent if it can be performed multiple times without having a different result than the first time it was run. For example, a POST HTTPS request that updates a counter in the database is not idempotent because it alters » Continue Reading.

What are the security issues with older TLS versions?

TLS versions 1.0 and 1.1 are affected by a large number of protocol and implementation vulnerabilities that have been published by security researchers in the last two decades. Attacks like ROBOT affected the RSA key exchange algorithm, while LogJam and WeakDH showed that many TLS servers » Continue Reading.

What are downgrade attacks?

In software security, downgrade attacks are network attacks that force victims to use older, more vulnerable versions of software in order to exploit known vulnerabilities against them. This has been especially dangerous in TLS clients supporting both modern and earlier versions of TLS, the latter » Continue Reading.

How to Order Personal Pro Email and ClientAuth Certificates

This how-to will walk you through the process of ordering, validating, and retrieving a Personal Pro Email and ClientAuth Certificate from 1. Go to the product page for Business Email, Client Authentication, and Document Signing Certificates and click the Buy Now button.   2. Choose a duration for your » Continue Reading.

What is HTTP Strict Transport Security (HSTS)?

HTTP Strict Transport Security (HSTS) is a web security policy mechanism designed to protect HTTPS websites against downgrade attacks and cookie hijacking. A web server configured to use HSTS instructs web browsers (or other client software) to use only HTTPS connections and disallows use of the HTTP protocol. This instruction is called the » Continue Reading.

What is a chain of trust?

A chain of trust is a linked path of verification and validation from an end-entity digital certificate to a root certificate authority (CA) that acts as a trust anchor. Chain of trust for, showing end-entity, intermediate, and root certificates. In SSL/TLS, S/MIME, code signing, » Continue Reading.