Safe SSL Certs in a Hostile World: No Compromise

  • March 18, 2014 · 12:00 PM

It's been called the "most dangerous code in the world." SSL certificates and key signing, if verified improperly, can expose your code and your users to man-in-the-middle attacks. As we saw with the Apple SSL flaw, such improper handling truly is "goto fail;”

Jim Baker will use examples from Jython's socket-reboot project. This supports the OpenSSL-based API in Python on top of the Java security model. We will also look at certificate pinning to prevent compromised certificate authority vulnerabilities. Our focus throughout will be how to write robust code that avoids the dangers.

Join or login to comment.

  • Paul E.

    Anybody on the late night from Washington, DC to Denver tonight (AKA PyCon)? I could use a ride to the Park n Ride in Louisville.

    April 13, 2014

  • Paul E.

    Is anyone on the late flight from Pycon (arriving at (UA 1623) arriving in Denver at 11:51 pm or there abouts? I could use a ride to the Louisville Park and Ride at McCaslin.



    April 13, 2014

  • Robert W.

    Interesting talk and QA. I learned a lot and it was very interesting to get an inside view of how to approach development of security features in the core of a language. Well done.

    1 · March 18, 2014

  • Ben C.

    Had a work project come up so can't make it. See everyone next time.

    March 18, 2014

  • percious

    Please Excuse the title change. I had somehow mixed up the talks Jim sent over. Thanks Jim for giving us the talk again!

    March 10, 2014

  • A former member
    A former member

    This sounds good but I can't make noon in Denver.

    1 · March 7, 2014

9 went

Sometimes the best Meetup Group is the one you start

Get started Learn more

We just grab a coffee and speak French. Some people have been coming every week for months... it creates a kind of warmth to the group.

Rafaël, started French Conversation Group

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy