SSL certificates aren't broken technology, but better support is needed

According to a commentary piece for InformationWeek written by Larry Seltzer, recent attacks and insufficient support for the most secure versions of the technology are causing serious problems for SSL certificates.

SSL 3.0 and Transport Layer Security 1.0 are still the standards in use around the web, Seltzer wrote, and some systems are still based on the highly insecure SSL 2.0 technology.

Support for the far more secure TLS 1.1 and 1.2 protocols would go a long way toward making the technology more secure, but Seltzer wrote that this was "almost non-existent."

"Support for these standards would have to be built into both sides of the conversation, i.e. browsers and servers. It turns out Microsoft does support TLS 1.1 and 1.2 in Internet Explorer, but disables it by default. Firefox, Chrome, and probably other browsers don't even offer it," Seltzer wrote.

The aftershocks from the DigiNotar hack continue to be felt around the web, and some experts, like Moxie Marlinspike, have even proposed replacing SSL certificates with a crowd-sourced authentication protocol.