Tina Bird <[EMAIL PROTECTED]> writes:
> The vendors listed in the CERT advisory on the OpenSSL vulnerabilities are
> all producing server-side software:
>
> http://www.cert.org/advisories/CA-2002-23.html
>
> Does anyone know if Netscape, Opera, Internet Explorer or any of the other
> browsers are vulnerable to these issues?
Netscape and IE both have their own TLS implementations. Netscape uses
NSS and IE uses CAPI/SChannel. Of course, these implementations might
be vulnerable to similar bugs but there's no specific reason to think
they are.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
http://www.rtfm.com/
