The Importance of Validating SSL Certificates
One of the more common but still widely forgotten security issues I see is that of forgetting to validate SSL certificates. I’m not talking about accepting certificate mismatches while browsing a mailing list archive. I’m talking about developers programming https communication.
What all developers need to keep in mind are two things:
1) SSL does very little [...]