News

Ars Technica

Empty list when doing mutual SSL authentication (IE)

Hi, <BR><BR>Thanks in advance to anyone who reads this post in an effort to help. I'm a software developer and usually post in the programmer's symposium but this current issue has had me putting on ...
PC World

Security Pro Says New SSL Attack Can Hit Many Sites

A Seattle computer security consultant says he’s developed a new way to exploit a recently disclosed bug in the SSL protocol, used to secure communications on the Internet. The attack, while difficult ...
NBC News

Authentication Giant VeriSign Hacked Repeatedly in 2010

Update: VeriSign has released a public statement about the data breach. See below. VeriSign, the Internet infrastructure company at the heart of the World Wide Web, was hacked repeatedly in 2010 by ...
InfoWorld

New SSL attack can steal sensitive info from secure Web sites

Security researcher has developed generic attack code that could give hackers a very powerful phishing tool, but is keeping it private A Seattle computer security consultant says he’s developed a new ...
Ars Technica

IIS, windows authentication, load balancers and SSL

Our minor departmental ASP.NET app works great in DEV on a web server without SSL. It relies on getting the User's Windows identity from HttpContext.Current.User.Identity.Name<BR><BR>When we move the ...