[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The state-level attack on the SSL CA security model

Subject: The state-level attack on the SSL CA security model
From: chk at pobox.com (Harald Koch)
Date: Thu, 24 Mar 2011 10:09:13 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

On 3/23/2011 11:05 PM, Martin Millnert wrote:
> To my surprise, I did not see a mention in this community of the
> latest proof of the complete failure of the SSL CA model to actually
> do what it is supposed to: provide security, rather than a false sense
> of security.

This story strikes me as a success - the certs were revoked immediately, 
and it took a surprisingly short amount of time for security fixes to 
appear all over the place.

 >  In some places, failure of internet security means people die

Those people know that using highly visible services like gmail and 
skype is asking to be exposed...

-- 
Harald

Follow-Ups:
- The state-level attack on the SSL CA security model
  - From: chort at smtps.net (Brian Keefer)
- The state-level attack on the SSL CA security model
  - From: nixon at nsc.liu.se (Leif Nixon)
- The state-level attack on the SSL CA security model
  - From: dot at dotat.at (Tony Finch)
- The state-level attack on the SSL CA security model
  - From: dwhite at olp.net (Dan White)
- The state-level attack on the SSL CA security model
  - From: danny at spesh.com (Danny O'Brien)

References:
- The state-level attack on the SSL CA security model
  - From: millnert at gmail.com (Martin Millnert)

Prev by Date: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
Next by Date: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
Previous by thread: The state-level attack on the SSL CA security model
Next by thread: The state-level attack on the SSL CA security model
Index(es):
- Date
- Thread