Session Abstract
Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running
SSL/TLS, that doesn't mean it's 'secure.' Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site. This talk expands on and
updates a session that was offered at the ESCC/Internet2 Joint Techs Meeting in Fairbanks.
Secondary tracks
Security
Internet2 NET+ Services
Middleware and Federations
Middleware
Focus on Federations
SSL/TLS Certificates: Giving Your Use of Server Certificates A Hard Look Netcast Archive
Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running
SSL/TLS, that doesn't mean it's 'secure.' Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site. This talk expands on and
updates a session that was offered at the ESCC/Internet2 Joint Techs Meeting in Fairbanks.
SSL/TLS Certificates: Giving Your Use of Server Certificates A Hard Look Netcast Archive
Colleges and universities rely on SSL/TLS-enabled web servers to securely accept or deliver a variety of sensitive information, including passwords, grades, financial- and health-related information, etc. Unfortunately, just because a server's running
SSL/TLS, that doesn't mean it's 'secure.' Many higher ed servers still permit use of SSL 2.0, allow insecure renegotiation, or accept terribly weak cipher suites. This talk describes how you can check your school's servers for these vulnerabilities, and also begins to look at ways you can expand use of certificates at your site. This talk expands on and
updates a session that was offered at the ESCC/Internet2 Joint Techs Meeting in Fairbanks.