Home page logo

nanog logo nanog mailing list archives

RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: Deepak Jain <deepak () ai net>
Date: Fri, 2 Jan 2009 16:13:45 -0500

If done properly, that's actually an easier task: you build the update
key into the browser.  When it pulls in an update, it verifies that it
was signed with the proper key.

If you build it into the browser, how do you revoke it when someone throws 2000 PS3s to crack it, or your hash, or your 
[pick algorithmic mistake here].


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]