Implementing security with the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol carries many risks. Attacks can be formulated against the SSL/TLS protocol, the protocol may have been designed improperly by the server vendor, the certification authority (CA) could be attacked, or you may implement SSL/TLS improperly on your server.
The Trustworthy Internet Movement surveys about 200,000 sites each month, grades them and ranks them by status through its SSL Pulse. Nearly a quarter of the protected sites receive an F.
These sites support SSL 2.0 and SSL 3.0, have insecure cipher suites, have small keys and support RC4.
The issues with the poorly graded sites are not system defects; they are the result of improper configuration and deployment.
SSL/TLS is deceptively simple. While it seems easy to deploy, that is not the way it works. Entrust SSL Experts have thoroughly reviewed the SSL/TLS deployment process and wish to offer you our best practices so you can spend the minimum amount of time possible on deployment and maintenance while still achieving the maximum results for your organization.