It’s a scary Internet out there. Between the growing value of the data exchanged online and the ever-present threat that the NSA decides you’re interesting we’re left with only one responsible thing to do: Protect the confidentiality and integrity of our and our users’ data.
One important part of any strategy to protect our users’ data is encrypting that data when in motion and that means anywhere, anytime. It’s not good enough to only encrypt your payment pages. It’s not good enough to only encrypt traffic between users’ browsers and your load balancers. Every connection that crosses a network should be made via TLS. Period.
Traditionally this is either confusing because OpenSSL or expensive because Verisign. Today I’m introducing a new option. Certified will help you generate and manage an internal CA for your company and its wiki includes a growing collection of examples for the various operating systems, server softwares, and programming languages we all use.
Be safe out there.