Home page logo

nanog logo nanog mailing list archives

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Fri, 2 Jan 2009 12:06:36 -0500

On Fri, 2 Jan 2009 17:53:55 +0100
"Terje Bless" <link () pobox com> wrote:

On Fri, Jan 2, 2009 at 5:44 PM,  <Valdis.Kletnieks () vt edu> wrote:
Hmm... so basically all deployed FireFox and IE either don't even
try to do a CRL, or they ask the dodgy certificate "Who can I ask
if you're dodgy?"

Hmm. Don't the shipped-with-the-browser trusted root certificates
include a CRL URL?

Every CA runs its own CRL server -- it has to be that way.

                --Steve Bellovin, http://www.cs.columbia.edu/~smb

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]