Category Archives: Web Security

The certificate detail in Chrome is back

The option to display the detail of the SSL/TLS certificate on a website had been incomprehensibly removed by Google Chrome. Version 60 will bring an improvement, but in order to view the details, the feature needs to be activated first in the hidden browser settings. The certificate detail has returned For the previous version of… Read More »

Logjam: How to Solve a Newly Discovered Vulnerability

From the discovery and description of Heartbleed vulnerability, more and more concepts of attacks on SSL/TLS protocol and related cryptography have been appearing regularly. This article focuses on the latest described vulnerability Logjam, which is related to weak keys in Diffie-Hellman key-exchange (further just DHE and DH). The Diffie-Hellman Key-Exchange Protocol The DH protocol is… Read More »

Certificate Transparency – Protection from Google

(20. 4. 2015) Certificate Transparency (further CT) is a function which increases the credibility of certificates. We wrote about it in November. You will find the theory in the article Certificate Transparency and Public Key Pinning. Today we are going to take a closer look at CT, especially its practical side and behaviour in Google Chrome browser.… Read More »