An insecurity study into the use of SSL certificates has revealed that it is
about as effective as an English team preventing a German striker from getting a
ball in the back of the net.
Security research firm Qualys scanned 119 million domain names, but found
that only 92 million were active. More than 12.4 million domains failed to
resolve properly and 14.6 million failed to respond.
Of the active domains that did respond, nearly 34 million responded to the
Qualys scan on both port 80 and port 443. Port 80 is typically used for HTTP
while port 443 is typically used for HTTPS-, SSL-secured Websites.
Director of engineering at Qualys, Ivan Ristic, said that despite stumping up
$100 for SLL only 23 million of the sites tested were actually using it.
It is considered best practice that the name on the SSL certificate matches
the name of the domain on which the SSL certificate is being used.
