?

Log in

No account? Create an account

This is big - JonM

Dec. 30th, 2008

10:52 am - This is big

Previous Entry Share Next Entry

http://www.win.tue.nl/hashclash/rogue-ca/

The key words:

As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers.
So, yeah, SSL is pretty busted right now; it'll take a lot of work on the CA's part to fix this...

Tags:

Comments:

[User Picture]
From:llarian
Date:December 30th, 2008 07:32 pm (UTC)
(Link)
Yikes. That is huge...
(Reply) (Thread)
From:3ricj
Date:December 30th, 2008 07:45 pm (UTC)
(Link)
nah, ssl has been broken for years.
(Reply) (Parent) (Thread)
From:3ricj
Date:December 30th, 2008 07:45 pm (UTC)
(Link)
this is very old news.
(Reply) (Thread)
[User Picture]
From:turgid
Date:December 30th, 2008 07:47 pm (UTC)
(Link)
Sure, that this is possible has been known for a while. But this is the first time someone's made a cookbook, followed the recipe, and showed everyone how tasty the pie is.

-Jon
(Reply) (Parent) (Thread)
[User Picture]
From:llarian
Date:December 31st, 2008 07:50 am (UTC)
(Link)
I like pie
(Reply) (Parent) (Thread)