There are many risks with the implementation of security using SSL. Attacks can be formulated against the SSL/TLS protocol, the protocol may have been designed improperly by the server vendor, the certificate authority (CA) could be attacked or you may implement SSL improperly on your server.
SSL Pulse surveys about 200,000 sites each month, grades them and ranks them by status. Nearly a quarter of the protected sites receive an F. These sites support SSL 2.0 and 3.0, have insecure cipher suites, have small keys and support RC4. The issues with the poorly graded sites are not system defects; they are the result of improper configuration and deployment.
The Entrust SSL Best Practices approach will detail all of the areas to consider when deploying SSL. We will provide tips and hints, expert deployment knowledge, thought leadership, encourage Always-On SSL and recommend acquiring certificates from a reliable CA.
For SSL best practices you need to consider:
When deploying SSL it is great to have a CA who works with you as a partner. Consider a reliable CA which provides certificate management, certificate discovery and responsive CRL and OCSP responses. A reliable CA will also provide a wide variety of certificate types and flexible licensing models. There should also be great support including server installation, server certificate scanning and website scanning.
As we move forward, Entrust Datacard will provide guidance and solutions to use SSL best practices and deploy SSL with confidence.