11-25-2013

Forward Secrecy at Twitter

DigiCert provides SSL Certificates used to encrypt sensitive information. With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called 'forward secrecy' has suddenly become very interesting.

Twitter recently announced that they have enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If a malicious entity records all Twitter users’ encrypted traffic and they later crack or steal Twitter’s private keys, because of forward secrecy they should not be able to use those keys to decrypt the recorded traffic.

Read the full announcement from Twitter here.

UP NEXT

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

Featured Stories

VMC Blog Featured Image

Getting Your Logo in Your User's Inbox: Tips Learned from the VMC Gmail Pilot

What Makes Digital Signatures Secure

How Vaccine Passports Could Change Digital Identity