Re: [cryptography] Misuses/abuses of Sony's compromised root certificate?

2014-12-17 21:41 GMT+01:00 Jeffrey Walton noloa...@gmail.com: Has anyone come across any reports of abuse due to Sony's compromised root? I believe its named Sony Corp. CA 2 Root? I did not find it in the Windows 8.1 certificate store. Are any of the browsers carrying it around? Since

Re: [cryptography] Paypal phish using EV certificate

The serial number you find in the subject of an EV certificate is the registration number of the company (Paypal Inc, in Delaware). There's absolutely no problem in having different certificates with this repeating serial number (in the subject), as long as they are delivered to the right company.

Re: [cryptography] naming is hard as CAs now get to demonstrate

Even with only perfect public CAs that do not issue certificates for unapproved namespaces, the problem persists. A company can have a private namespace (TLD) for its internal use, and a private CA, trusted by its employees. The mail server would have a name in this private namespace, with a

Re: [cryptography] another cert failure

2013/1/5 Ryan Hurst ryan.hu...@globalsign.com I've been unable to find a screenshot but this FAQ does suggest that there is an explicit action required to enable HTTPS inspection: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=solutionid=sk65123

Re: [cryptography] best way to create entropy?

Getting random out of spoofable radio signals? Good idea. 2012/10/12 Eugen Leitl eu...@leitl.org: - Forwarded message from Naslund, Steve snasl...@medline.com - From: Naslund, Steve snasl...@medline.com Date: Thu, 11 Oct 2012 23:27:56 -0500 To: na...@nanog.org Subject: RE: best way

Re: [cryptography] Devices and protocols that require PKCS 1.5 padding

2012/7/2 Thor Lancelot Simon t...@panix.com [...] Besides PGP, what other standard, widely-deployed protocols require the use of padding types other than OAEP? TLS, up to v1.2. PKCS#1v1.5 is mandatory. -- Erwann. ___ cryptography mailing list

Re: [cryptography] Microsoft Sub-CA used in malware signing

2012/6/5 Marsh Ray ma...@extendedsubset.com [...] An excerpt: That’s right, every single enterprise user of Microsoft Terminal Services on the planet had a CA key that could issue as many code signing certificates they wanted and for any name they wanted. It sounds as if Windows users

Re: [cryptography] Microsoft Sub-CA used in malware signing

It's also not clear about what could have been done with TS certificates. Is it only codesigning, or TLS server as well? -- Erwann. Le 4 juin 2012 09:57, Marsh Ray ma...@extendedsubset.com a écrit : In case its not clear from the filenames (e.g. the email system drops them) there were three