SSL

Secure Sockets Layer, protocol for encrypting data between the Web Browser and the Web Server. Aka https.

http://www.openssl.org/

http://www.apache-ssl.org/

https://konklone.com/post/switch-to-https-now-for-free

Apr'2021: done at (2021-04-25) Move To DigitalOcean

Jun'2019: tried and failed to get working on my linode: Making GoogleAssistant CoachBot

Dec'2016: Within one year, Let's Encrypt has become one of the largest Certificate Authoritys on the Internet.

Nov'2014: why it's overdue: If you run a news site, or any site at all, we’d like to issue a friendly challenge to you. Make a commitment to have your site fully on https by the end of 2015 and pledge your support with the hashtag #https2015.

Dec'2012 recommendations from some friends - note this is relevant to many-server environment

• RapidSSL is good certificate vendor
• get wildcard certs so you can use them across hosts and servers in the same domain
• run SSL in the Load Balancer-s, not on AppServer-s - see Load Balancing

Ian Grigg challenge to the Threat Model behind SSL. Commentary by Tim Oren and Charles Miller

• Terminate in (Load Balancing) hardware? See comments for interesting issues....

Historically, SSL has been considered expensive, and handled in separate computers with specialized accelerating hardware.

• Jun'2010 - Google has been able to implement SSL widely but cheaply. (But not simply.)

Python links:

• http://simon.incutio.com/archive/2002/07/24/windowsSslSupportInPython

• http://www.python.org/2.3/highlights.html

• http://pypgsql.sourceforge.net/misc/python-ssl.html

• http://alldunn.com/python/

• Val Shkolnikov http://home.pacbell.net/nvsoft/2.2/ssl_wrapper.html

• Zope support http://www.zope.org/Members/Ioan/ZopeSSL

HeartBleed is a security bug disclosed in April 2014 in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client.