How to Render SSL Useless

This is the title of a recent talk from Ivan Ristic of SSL Labs on common mistakes in the deployment of SSL. This talk expands upon his SSL Threat Model that I posted about a few months ago. The main deployment mistakes Ristic sees for SSL are

• Self-signed certificates
• Own CA certificates
• Mixing SSL and plain-text
• Not using secure cookies
• Using incomplete certificates
• Not using EV certificate
• Not using SSL
• Mixed page content
• Different sites on 80 and 443
• Using SSL for “important”bits
• Inconsistent DNS configuration

This is a great presentation which really gets to the heart of why SSL security has lately been the focus of much attention.

(via SSL Shopper)