D.3. Final Notes
For SSL to be able to provide a secure connection, both the client
and server systems, keys, and applications must be secure. In
addition, the implementation must be free of security errors.
The system is only as strong as the weakest key exchange and
authentication algorithm supported, and only trustworthy
cryptographic functions should be used. Short public keys, 40-bit
bulk encryption keys, and anonymous servers should be used with great
caution. Implementations and users must be careful when deciding
which certificates and certificate authorities are acceptable; a
dishonest certificate authority can do tremendous damage.
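
The "weakest supported algorithm" point can be checked mechanically against a server's offered suite list. The following is an added example, not from the book or the SSL specification; it assumes OpenSSL-style suite names, and the sample list and the 2048-bit key floor are constructed assumptions.

```python
# Added example: flag the weak options the note warns about
# (40-bit export bulk keys, anonymous servers, short public keys).
# Scope is limited to those three categories; other weaknesses are not checked.

# Constructed sample: OpenSSL-style names a server might offer.
SAMPLE_SUITES = [
    "AES128-SHA",
    "DES-CBC3-SHA",
    "EXP-RC4-MD5",
    "EXP-DES-CBC-SHA",
    "ADH-AES128-SHA",
]

MIN_RSA_BITS = 2048  # assumed policy floor, not a value from the page


def classify_suite(name):
    """Return the reasons a suite is weak (empty list if none of the three apply)."""
    parts = name.split("-")
    reasons = []
    if parts[0] == "EXP":
        reasons.append("40-bit export bulk encryption key")
    if any(p in ("ADH", "AECDH") for p in parts):
        reasons.append("anonymous key exchange (server is not authenticated)")
    return reasons


def audit(suites, rsa_key_bits):
    """Map each weak item to its reasons; an empty dict means nothing was flagged."""
    findings = {}
    for suite in suites:
        reasons = classify_suite(suite)
        if reasons:
            findings[suite] = reasons
    if rsa_key_bits < MIN_RSA_BITS:
        findings["<server public key>"] = [
            f"{rsa_key_bits}-bit RSA key is below the {MIN_RSA_BITS}-bit floor"
        ]
    return findings


if __name__ == "__main__":
    # One flagged entry is enough to weaken the whole configuration,
    # because a peer can negotiate down to it.
    for item, reasons in audit(SAMPLE_SUITES, rsa_key_bits=512).items():
        print(f"{item}: {'; '.join(reasons)}")
```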
Copyright © 2001 O'Reilly & Associates. All rights reserved.