Shared publicly  - 
"Our main conclusion is that SSL certificate validation is completely broken in many critical software applications and libraries..."

The most dangerous code in the world: validating SSL certificates in non-browser software

If there has ever been a good argument for careful thought on API design, then this should definitely serve as a great lesson. Granted, SSL is not an easy concept to explain, but that only makes good API design more important.
Moshe Vardi's profile photoChristian Bautista's profile photoDrew Farris's profile photoJames Chapman's profile photo
It's the same Dan Boneh from the excellent coursera cryptography course.
Add a comment...