it seems to me the fake certificates that a tool like ettercap iussues. compare whith this (fake) verificate.
cheers nicola del vacchio security consultant genova italy [EMAIL PROTECTED] Il mer, 2004-06-02 alle 18:45, [EMAIL PROTECTED] ha scritto: > On Wed, 02 Jun 2004 07:39:31 +0930, Chris van der Pennen <[EMAIL PROTECTED]> said: > > I've been getting SSL certificates from various websites recently that are > > apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign. > > The certificate expired 6 December 2002. > > > The data in Issued To and Issued By are identical. > > > This smells very much like an SSL hijack attempt - can anyone shed some > > light on the situation? > > Or some webserver package that builds a self-signed certificate so SSL works > without having to pay Verisign, and does so in a "cute" manner that users are > likely to accept the cert without thinking about it. It's probably NOT a hijack > attempt unless you have *OTHER* evidence of that (phishy-looking redirect > javascript on the page, etc....) > > Given how little *real* security a signed cert creates, it's probably not worth > worrying about. >
fake-verisign-ca1.cer
Description: application/x509-ca-cert
signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata
