Home → Magazine Archive → March 2018 (Vol. 61, No. 3) → Technical Perspective: On Heartbleed: A Hard Beginnyng... → Abstract

Technical Perspective: On Heartbleed: A Hard Beginnyng Makth a Good Endyng

By Kenny Paterson

Communications of the ACM, Vol. 61 No. 3, Page 108

The SSL/TLS protocol suite has become the de facto secure protocol for communications on the Web, protecting billions of communications sessions between browsers and servers on a daily basis. We use it every time we access our social media feeds, or whenever an app running on our mobile device wants to contact its home server. It has become an almost invisible part of the Web's security infrastructure, supported by an eclectic mix of technologies including public key cryptography, certificates, and the Web PKI.

So when a serious security vulnerability is discovered in the SSL/TLS protocol itself, or in one of the main implementations like OpenSSL, one would naturally expect a rapid response—system administrators would roll into action, patching their software as quickly as possible, and taking any other remedial actions that might be necessary.


No entries found