Upgrading TLS with Scott Helme

About Show #922

Have you upgraded to TLS 1.3? While at NDC in London, Richard chatted with Scott Helme about his work moving companies onto the latest version of TLS. But do you need to? Scott talks about how SSL 2 and 3 were used until they were broken by the black hats, leading to a panic to update quickly. While there is no evidence that TLS 1 and 1.1 are breached, they are already deprecated - and are slower than the later versions. Want a performance boost? Move to TLS 1.3!

Links

KeybaseAPI Root Certificate Expiry
Let's Encrypt
Brownout Notice at GitHub
When Logging Causes Security Incidents
Deprecation SHA-1
Google Post Quantum Encryption

Recorded February 1, 2024

Scott Helme is a security researcher, consultant and international speaker. He can often be found talking about web security and performance online and helping organisations better deploy both. Founder of report-uri.com, a free CSP report collection service, and securityheaders.com, a free security analyser, Scott has a tendency to always be involved in building something new and exciting.

About Show #922

Show Comments