
3 posts from January 2010

January 25, 2010

SSL Labs using Firefox 3.6 CA certs

With Firefox 3.6 out, I took the opportunity to upgrade the CA root database. Up until earlier today SSL Labs used the Firefox 3.5.1 list, which has 142 certificate authorities on it. The new version of Firefox supports 155 certificate authorities and, now, SSL Labs does too.

After being prompted by Adrian Dimcev, I also added support for a couple of obscure EXPORT 1024 cipher suites. Thanks, Adrian!

January 19, 2010

Programming in Lua 2ed now sold by Feisty Duck (PDF only)

The Feisty Duck book store yesterday increased the number of titles on offer by 100%, adding the digital version of Programming in Lua 2ed, written by Roberto Ierusalimschy.

If you don't know about Lua, it's a very nice embeddable scripting language, with low memory consumption, a very fast interpreter, and an even faster just-in-time compiler. I loved it so much I added it to ModSecurity, and it is now possible to write rules in a proper programming language. It's great for those times when you have complex requirements. I am seeing Lua slowly but surely taking over the open source world (when embedding and fast and reliable operation are required). It's already in ModSecurity, Snort 3.x is using it, and in the future it will be part of Apache too.

The book itself is very good too, with a 5-star score in Amazon.com reviews.

January 14, 2010

How to render SSL useless

Later today I will be presenting at the OWASP London meeting. The title of my presentation is How to Render SSL Useless, and I will be talking about the recent issues with SSL/TLS, my work at SSL Labs, as well as listing the Top 11 SSL deployment mistakes that render SSL useless.

Here's the presentation:

ABOUT ME

Ivan Ristić is an open source advocate, entrepreneur, writer, programmer and web security specialist. He is the principal author of ModSecurity, the open source web application firewall, and the author of Apache Security, a concise yet comprehensive web security guide for the Apache web server.
