Secure programming with the OpenSSL API, part 2
Securing the handshake during a Secure Sockets Layer session (SSL) is vital, since almost all of the security involving the connection is set up inside the handshake. Learn how to secure the SSL handshake against a man in the middle (MITM) attack -- in which the intruding party masquerades as another, trusted source. This article also introduces the concept of digital certificates and how the OpenSSL API handles them.
By Kenneth Ballard at IBM developerWorks.
[ Read more ]