mailing list archives
Re: SSL protocol flaw, request for opinions
From: Angelo Perniola <perniola () infosec it>
Date: Mon, 24 Feb 2003 17:50:02 +0100
Juan Velasquez wrote:
I just read this story which explains how the Swiss Federal Institute of
exploited a flaw in the SSL protocol to hijack an 8 character password
from a bunch of SSL encrypted email logins.
I was surprised. What does the security community think of this?
Also interesting, comments from SSL 3.0 designer Paul Kocher: