Welcome!

Linux Authors: Liz McMillan, Elizabeth White, Hovhannes Avoyan, Yeshim Deniz, Roger Strukhoff

Related Topics: SDN Journal, Java, Linux, Virtualization, Security, DevOps Journal

SDN Journal: Blog Feed Post

The Evolution of SSL

Technology, like time, marches on.

I've been following SSL for a long, long time. Since before the turn of the century, in fact. I devised performance tests back in the day that, on at least one system (back when PCI was still the standard method of enabling SSL hardware acceleration) actually melted circuits on the host system's motherboard.

Understandably, the vendor who had brought the system to be tested was horrified.

There have been a lot of changes since then - from faster, more capable SSL acceleration cards to better (more secure) methods of key management (HSM). One might think that such a venerable technology had reached the end of its evolutionary chain.

But it hasn't. SSL has continued (and will likely continue) to evolve along with emerging threats and the need to secure and encrypt data in flight. In the past 3 years alone, SSL has undergone some fairly significant changes and advancements, including the move to longer key lengths (from 1024 to 2048) and more recently, the adoption of PFS (Perfect Forward Secrecy) to protect conversations from undesirable snooping.

evolution of ssl

SSL is one of those ubiquitous protocols like TCP and HTTP that, when changed, has a resounding impact across the Internet. Browsers must be updated, servers upgraded and infrastructure adjusted to incorporate the changes in a way that doesn't end up breaking, well, everything.

As the number of sites protected by SSL (perhaps in response to the somewhat obscure "SSL Everywhere" campaigns) continues to grow, the potential impact of evolving standard protocols like SSL also grows.

Only time will tell whether that impact is negative or, as one hopes, a net positive.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.