Website Security Solutions | Latest Guides | Blog

Certificate Revocation, How it Works with CRLs or OCSP

| #Articles

Certificate Revocation refers to the act of canceling a signed certificate before its expiration date. This can be done due to private key compromise, retirement of a service, or various administrative reasons. There are many different approaches for verifying that a certificate is still in good standing, and often a combination is used in order to provide fault tolerance. Certificate…

Encryption vs Hashing: What’s the difference?

| #Articles

Both Encryption and Hashing are fundamental building blocks of cryptosystems. When it comes to storing credentials in your application, however, best practice is largely driven by what you’re trying to do. There are a lot of well-meaning security professionals who take an extremely dogmatic stance: “Encrypting passwords is bad! You must hash them”. This is usually true, except when …

What Is SNI? Encrypted SNI (ESNI and ECH)

| #Articles

When a piece of server software wants to make itself available to clients via the network, it binds to a socket. A socket is simply the IP address and port combination the server software listens on for connections. (Most commonly server software chooses to listen on a particular port across all available network interfaces). What happens though if a particular server wants to serve multiple,…

OpenSSL 1.1.1k Patches for Two High-Severity Vulnerabilities

| #News

A lot can be learned about SSL/TLS by analyzing real-world bugs and the ways in which vendors patch them. This past week OpenSSL 1.1.1k was released, which corrected two high-severity bugs in the popular OpenSSL software. Specifically, CVE-2021-3450 and CVE-2021-3449 are considered to be “high” severity but not “critical” severity because while they are extremely impactful, they affect less common …

What is SHA-256? How is Hashing used?

| #Articles

Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for cryptography? What is a hash? What do we use hashes for? What makes a hash suitable for cryptographic purposes? Testing it with OpenSSL …