Forward Secrecy at Twitter

DigiCert provides SSL Certificates used to encrypt sensitive information. With revelations about mass surveillance in the news everywhere, an obscure feature of SSL/TLS called ‘forward secrecy’ has suddenly become very interesting.

Twitter recently announced that they have enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If a malicious entity records all Twitter users’ encrypted traffic and they later crack or steal Twitter’s private keys, because of forward secrecy they should not be able to use those keys to decrypt the recorded traffic.

Read the full announcement from Twitter here.