If you want to get my feathers ruffled up a bit, bring up the topic of SSL and browsers. The whole situation is a mess, and I blame the browser makers (and partially our extended use of the web outpacing SSL updates) for muddying up the waters. Did we *really* need EV SSL and browsers throwing error messages on *everything* that wasn’t EV SSL? It’s just silly… Half the problems (sure, that’s my scientific measure) with SSL arise because of the browsers and the “market” for PKI. Sure, for consumers, they should be on the lookout for self-signed certs. For geeks that manage network devices and internal sites, self-signed certs are a daily reality.
I need to stop on that rant before I look more foolish than normal!
A new site, SSLFail.com, by Marcin and Tyler illustrates the issues that SSL and web browsers (and the admin teams that try to manage them) have. Not only does the site present images of failures in SSL usage, but it also has informational posts if you want to learn more about SSL and the nuances involved with it. To be honest, if you manage any device that uses SSL (web, network, VPN…), I'd suggest checking the site out. Hell, even if you just like to sit back and laugh at the security failures (or admin issues) other people have, check it out, too!