Monday, June 1, 2009

HTTPS is bad?

This article is 6 months in the making. I finished writing this article in November 2008. It took me 4 months to find an editor who would publish it and it was another 2 months before the article appears in print.
An excerpt from my published article on page 106.
"Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) is a protocol that promises integrity of data transmitted over this channel and prevents prying parties from spying on the communication between two entities. Information security professionals constantly advocate the implementation of HTTPS within the enterprise to secure sensitive data and critical transactions... The employment of HTTPS is now universal and has created an illusion that HTTPS is trustworthy thus resulting in a blind eye turned to what traffic traverses over this “secure" protocol."

No comments:

Post a Comment