Published By: Symantec
Published Date: Dec 04, 2014
SSL/TLS has been & will be a core enabling technology critical for securing communications. The most significant challenge facing the SSL ecosystem is its implementation. Researchers have recently published reports indicating widespread errors & shortcomings in the implementation of SSL/TLS in mobile applications. These issues often result from flawed use of SDKs or APIs used by developers.
This paper lists necessary steps to take to create a stronger, more trustworthy SSL implementation. All SSL client non-browser applications should follow all these practices to ensure strong authentication, confidentiality & integrity.