Summer 2011 ESCC/Internet2 Joint Techs

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

SSL/TLS Web Server Security

Time 07/12/11 04:10PM-04:30PM

We do not host flash-based video files on our servers anymore. Please contact Web Support for further details about netcast videos.

Session Abstract

Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running SSL/TLS, that doesn't mean it's "secure." Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site.

Slides are available at: http://pages.uoregon.edu/joe/web-crypto/web-crypto.pdf

Speakers

Speaker Joe St Sauver Internet2/University of Oregon

Presentation Media

media item thumbnail SSL/TLS Web Server Security (pdf)

Speaker Joe St Sauver Internet2/University of Oregon

Secondary tracks Security Industry Partnership Advanced Network Services

Session Media

media item thumbnail SSL/TLS Web Server Security Netcast Archive Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running SSL/TLS, that doesn't mean it's "secure." Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site. Slides are available at: http://pages.uoregon.edu/joe/web-crypto/web-crypto.pdf media item thumbnail SSL/TLS Web Server Security Netcast Archive Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running SSL/TLS, that doesn't mean it's "secure." Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site. Slides are available at: http://pages.uoregon.edu/joe/web-crypto/web-crypto.pdf

gold Sponsors