SSL Encryption

[Walkerok]

There is currently a question in the vision series of the forums on SSL encryption. While i realize there are a myriad of work arrounds that can achieve that particular writers problems there is a much more important discussion to be had. I realize that the ability to correctly do the SSL encryption is much more complicated than I am going to talk about here, but how about Unitronics including SSL encryption capability?? There are many free algorithms that are available for a multitude of programming languages and while there would definitely be real programming work required by Unitronics it is a very doable feature.

If Unitronics suported SSL incryption and included a current table of "trusted root certificate authorities" this would at least give a Unitronics PLC the ability to operate in the mainstream of Email servers until the certificates on the list became too old, then there would have to be a firmware update at some point in the future to get up to date on more recent certificates, but there would be several trouble free years between firmware updates. Would there be a specific customer that would have a problem? Absolutely, but if we work with an 80/20 rule where the main objective is to be able to send emails without special consideration being required by most email recipients this goal would be achieved.

In addition when the PLC is being used to host a web page, without SSL being available, all communications with the outside world are unprotected and the possibility of problems (such as the case of the Iranian centrifuge hacking) are dramatically more likely. I know we all think about this as "Who would want to intercept and care about what is happening with boiler number 6 in the basement of a building?" and generally this is very true, but the SSL encryption with even just a self certificate that can be imported on to a users local laptop or desktop would dramatically improve the safety of the communications.

Like I said I am not going to do a deep dive on this subject, but it is important to talk about SSL encryption in both the long term and the short term. I am by no means an expert on the subject but I know enough to know I should be at least a little bit worried about the possibilities.

Thanks for reading

Keith