few Internet technologies are relied upon vitamin a heavily as TLS/SSL, yet it has been widely known for years that this fundamental security protocol does not do adequate to efficaciously protect communications .
The most visible fail of TLS is the reliance on public key infrastructure ( PKI ) in which every certification agency ( CA ) becomes a potential single point of failure. Between CAs improperly issuing certificates for reserved names, getting hacked, and others merely issuing rogue certificates for sure web sites, there is a massive problem threatening to undermine assurance in the web .
The problems surrounding CAs and certificate entrust are broadly easy to comprehend since this is, at its core, a non-technical problem in which trusted entities fail to uphold their trustworthiness. other problems, however, are far more technical and can be difficult for technical experts to wrap their heads around let alone lay persons. Problems related to the handshake process tend to fall under this category .
today, Microsoft has released an SChannel update to prevent a malicious server from carrying out the chilling sound “ Triple Handshake ” attack.