Mailinglist Archive

Apache 2 with SSL/TLS: Step-by-Step, Part 1
by Artur Maj 
last updated January 18, 2005

For more than 10 years the SSL protocol has been widely used for the
purpose of securing web transactions over the Internet. One can only
guess how many millions or billions of dollars in transactions are
processed per a day using SSL. Unfortunately, the simple fact we use SSL
does not necessarily mean that the information sent over this protocol
is secure. The use of weak encryption, the impossibility of verifying
web servers' certificates, security vulnerabilities in web servers or
the SSL libraries, as well as other attacks, may each let intruders
access sensitive information -- regardless of the fact that it is being
sent through the SSL.

http://www.securityfocus.com/infocus/1818