Dual SSL is a new open-source technology for PHP that aims to address several issues with traditional TLS/SSL, especially in the modern era of shared/cloud hosting. Dual SSL is built using existing web standards, which makes it easy to implement and compatible with most web servers and browsers.
There is a common misconception that if you see the little lock icon in your browser, then your connection to that web site is secured. The reality is that different web servers use different encryption ciphers, and some of the ciphers commonly used for SSL have known weaknesses.
Another problem with a traditional SSL implementation is that data travels freely through several layers before it is encrypted, and the layer in which encryption is applied is often controlled by a web host. These layers may contain compromised or outdated software, providing potential access points for hackers and eavesdroppers.
With Dual SSL, a secondary key server can secure the delivery of your web content with stronger encryption and technology such as Forward Secrecy, even if this technology is unavailable on your primary web server. Dual SSL also introduces the concept of Application Layer Containment, which secures your content before it leaves your control.
© 2015 Josh Abbott. All rights reserved.