Ralph Holz <[email protected]> writes:

>I am wondering if we can't get our hands on such a router and do a proof-of-
>concept. Anyone in?

In terms of warkitting routers, they're pretty much all vulnerable [0], so all
you'd need to do after that is exploit the "CA" certs.  OTOH if you can warkit
a router you can also drop sslstrip on it, and at that point it's game over
for the user whether you have a CA cert or not.

Peter.

[0] "All" meaning that every brand that researchers could get their hands on
    proved vulnerable.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to