[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The state-level attack on the SSL CA security model

Subject: The state-level attack on the SSL CA security model
From: richard.barnes at gmail.com (Richard Barnes)
Date: Thu, 24 Mar 2011 10:59:45 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

Which is especially funny since Comodo is citing the fact that they've
had no OCSP requests for the bad certs as evidence that they haven't
been used.

--Richard



On Thu, Mar 24, 2011 at 10:53 AM, Tony Finch <dot at dotat.at> wrote:
> Harald Koch <chk at pobox.com> wrote:
>>
>> This story strikes me as a success - the certs were revoked immediately, and
>> it took a surprisingly short amount of time for security fixes to appear all
>> over the place.
>
> It would have been much easier if certificate revocation actually worked
> properly.
>
> http://www.imperialviolet.org/2011/03/18/revocation.html
>
> Tony.
> --
> f.anthony.n.finch ?<dot at dotat.at> ?http://dotat.at/
> Viking, North Utsire, South Utsire: Westerly veering northerly, 4 or 5,
> occasionally 6 at first. Moderate or rough. Occasional rain. Moderate or good,
> occasionally poor at first.
>
>

References:
- The state-level attack on the SSL CA security model
  - From: millnert at gmail.com (Martin Millnert)
- The state-level attack on the SSL CA security model
  - From: chk at pobox.com (Harald Koch)
- The state-level attack on the SSL CA security model
  - From: dot at dotat.at (Tony Finch)

Prev by Date: The state-level attack on the SSL CA security model
Next by Date: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
Previous by thread: The state-level attack on the SSL CA security model
Next by thread: The state-level attack on the SSL CA security model
Index(es):
- Date
- Thread