Looks like the CDN certificate is already causing security problems, although
not the kind that I was expecting:
While trying to import a server certificate for a CDN service, a segv bug
was found in [PKI app]. It is likely that this bug is exploitable by
sending a special crafted signed me
>From an off-list discussion: Can someone who knows more about how these CDNs
handle certs provide a brief summary for the list? From looking at Sybil
certs grabbed from a few CDN sites there doesn't seem to be any rhyme or
reason to them. Also, how and under what conditions can you get access to
* David McGrew:
> can I ask what your interest in AEAD is? Is there a particular
> application that you have in mind?
I just want to create a generic API which takes a key (most of the
time, a randomly generated session key) and can encrypt and decrypt
small blobs. Application code should not n
Peter Gutmann wrote:
> Readers are cordially invited to go to https://edgecastcdn.net and have a
> look
> at the subjectAltName extension in the certificate that it presents. An
> extract is shown at the end of this message, this is just one example of many
> like it. I'm not picking on Edgec
It's pretty outrageous that anyone would try to patent rolling barcoded
dice to generate random numbers.
I've been generating random strings from dice for years. I find that
gamers' 20-sided dice are great; each roll gives you a hex digit, and
anytime you roll a 17 thru 20, you just roll again.
