Re: IE SSL Vulnerability

In the wise words of Charles Miller: > Actually, the SSL vulnerability is a very predictable answer to an old > question. For a while now, one of the big "what ifs" of Internet > security has been "What if one day, the SSL infrastructure is completely > compromised?" The most common hypothetical

Re: IE SSL Vulnerability

On Fri, 2002-08-16 at 09:11, robert walker wrote: > A huge amount of infrastructure is managed remotely via > SSL and IE these days. It just boggles the mind the > extent to which the security integrity of that > infrastructure is now under a cloud unknowing. Actually, the SSL vulnerability is a

Re: IE SSL Vulnerability

In-Reply-To: <[EMAIL PROTECTED]> Given my background in cryptographic programming, it is difficult for me to imagine how the cause of this alleged vulnerability could be explained as programmer error or oversight. Yet I cannot fathom why MS would purposely skip such a basic step. I am wait

Re: IE SSL Vulnerability (Konqueror affected too)

http://theregister.co.uk/content/4/26620.html [] I've not tested this on IE because several researchers posting to Benham's BugTraq thread (http://online.securityfocus.com/archive/1/286895/2002-08-08/2002-08-14/1) have confirmed the behavior. But I did test it on Mozilla 0.9.4, which Benh

Re: IE SSL Vulnerability

On Thu, Aug 08, 2002 at 01:38:46PM +0200, Balazs Scheidler wrote: > On Mon, Aug 05, 2002 at 04:03:29PM -0700, Mike Benham wrote: > > > However, there is a slightly more complicated scenario. Sometimes it is > > convenient to delegate signing authority to more localized authorities. > > In this c

Re: IE SSL Vulnerability

I agree, this is really, really serious. If this is correct, I believe it is one of the most serious vulnerabilities reported in a long time. People trust SSL to protect their money, and this is a vulnerability where you could easily attack thousands of users or go after the banks with a simple ma

Re: IE SSL Vulnerability

On Mon, Aug 05, 2002 at 04:03:29PM -0700, Mike Benham wrote: > However, there is a slightly more complicated scenario. Sometimes it is > convenient to delegate signing authority to more localized authorities. > In this case, the administrator of www.thoughtcrime.org would get a chain > of certif

Re: IE SSL Vulnerability

On Wed, Aug 07, 2002 at 12:24:19PM -0700, Mike Benham wrote: > First of all, https://www.thoughtcrime.org is NOT the demo site. Several > people were confused by this email, and subsequently concluded that their > browser isn't vulnerable because they got an alert that the "name on the > certifi

Re: IE SSL Vulnerability

In-Reply-To: <[EMAIL PROTECTED]> Mike, I have checked out your sample exploit, and I can confirm that my IE 5 is vulnerable. Regarding the post by Alex Loots, the certificate is a regular server certificate, not an intermediate CA with name constraints (if I have understood his message c

Re: IE SSL Vulnerability

On Wed, 7 Aug 2002, Alex Loots wrote: > Hi Mike, > I visited your demo at https://www.thoughtcrime.org. It appears that Thawte is > the TTP instead of Verisign. Does this make any difference for example the > certificate extensions? First of all, https://www.thoughtcrime.org is NOT the demo site

RE: IE SSL Vulnerability

Hi Mike and the list, That is one side of an issue I have described in http://online.securityfocus.com/archive/1/273101 I have to admit, your message captures attention much better than mine. All for good, if that will be fixed. The issu