05 May, 2009

SSL Inventor Taher Elgamal Interview

Vivian Yeo of CNet has published a greater interview with Taher Elgamal, the inventor of SSL and recent winner of the RSA Conference Lifetime Achievement Award. Mr. Taher responds to these subjects:
  1. SSL man-in-the-middle attacks and the ability to intercept session cookies
  2. Logging into sites that have expired SSL certificates
  3. How do browser makers keep users and protect them?
  4. How different do you think SSL would be if it had been invented in the current security landscape?
  5. What are you most dissatisfied about in the current security landscape?
Mr. Taher also points out, "The biggest issue with Internet security today is that there are databases with a lot of important info that are available from the Internet, from the outside." I tend to agree as we hear many stories of database break-ins from stolen laptops, to guessed passwords, to poor network security.

Head over to CNet and read this article for yourself.

No comments: