[olug] Building a web server for both security and performance in 2011

Rob Townley rob.townley at gmail.com
Sun Sep 4 00:56:45 UTC 2011

It is worth remembering StartSSL was hacked this year, so if you have
a highly sensitive data, then you probably want to use a better
Certificate Authority.   FWIR, the attack was not as bad as the Comodo
attack in which a password was embedded in a .dll that was
downloadable and then used to get fraudulent google and microsoft and
yahoo and skype certificates.  However, details were not disclosed to
the public, so who knows.

If you run your own Certificate Authority, keep the top level
certificate offline completely after it used to create an intermediate
level authority.

More information about the OLUG mailing list