London 20 & 21st May 2010, Westminster Conference Centre

 

 

SSL (TLS) is the technology that secures the Internet, but it only works when properly configured. Unfortunately, because SSL is assumed to be easy to use (and it genuinely is), there is a lack of information how to use it properly. As a result, too many web sites use insecure deployment practices that render SSL completely useless. In this talk I will present a list of top ten (or thereabout) deployment mistakes, based on my work on the SSL Labs assessment platform.