Chris Palmer ch...@noncombatant.org writes:
Looking forward to Perry's moderated list coming back online.
Le mieux est l'ennemi du bien.
Peter.
___
cryptography mailing list
cryptography@randombit.net
travis+ml-rbcryptogra...@subspacefield.org writes:
Before I learn the hard way, anyone have any opinions?
I realise that I'm kinda putting myself in the firing line here as the author
of a different OSS crypto library, but if OpenSSL is too hard to use, why not
try another library?
Peter.
Adam Back a...@cypherspace.org writes:
I guess the limitation with patents is even if they cant sue you if you are
not operating in a patent recognizing country, they can probably try to sue
your customers.
That's always the killer, we know where your kids go to school. Unless
you're operating
coderman coder...@gmail.com writes:
521-bit key and other odd claims? think i'll stick with RedPhone ...
It just means they're using P521, which is the largest curve that NIST will
allow.
Peter.
___
cryptography mailing list
Marsh Ray ma...@extendedsubset.com writes:
Something about this doesn't add up and I don't think we're seeing the real
story emerge yet. The USG seems to be completely off its rocker right now
reacting to Wikileaks and I wonder if that has something to do with the
timing of this.
This is one of
James A. Donald jam...@echeque.com writes:
It takes about one hour per hundred lines of source code.
I would hope that anyone clever enough to implement some very tricky crypto
algorithms would also be clever enough to backdoor them in a way that could
never be discovered. Or to turn that
James A. Donald jam...@echeque.com writes:
Crypto algorithms have standard reference implementations, which are to a
greater or lesser extent copied wholesale. Any deviation from the usual is apt
to be noticeable.
That would require that you compare the code for algorithm X in project Y to
James A. Donald jam...@echeque.com writes:
Must interoperate with legitimate code.
Must plausibly claim to utilize well known algorithms (while actually
misusing them or grossly deviating from them.).
Sheesh, I can do this without even thinking. Here's one:
/* Generate the random value k.
James A. Donald jam...@echeque.com writes:
That took all of ten seconds to get. Result: A completely FIPS 186-compliant
digsig implementation that leaks the private key.
And one that would take someone checking the code about an hour or so to
detect.
And on what do you base that apart from
Following up on the PS3 break, it looks like the PSP has been compromised as
well, by having its authentication key stored in the PS3 (!!). From
deciphering the IRC log at
http://dukio.com/gadget/mathieulh-psp-master-keys-ps3.html:
- The PSP keys are stored in the PS3, allowing them to be
Thierry Moreau thierry.mor...@connotech.com writes:
So, here are a few highlights of my recent findings. I found that too many
notions deserved a description of rationales, and hence a draft-in-progress
document is just stalled.
The problem here is that the debate rapidly goes from engineering
This isn't one of those namby-pamby one-site phishing MITMs, this is a MITM of
an entire country:
http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/
For those who don't want to read the whole thing, the solution was duuhh, we
Rayservers supp...@rayservers.com writes:
They are waiting for analysis. If anyone on this list has the time and
expertise (both hardware and software), they can have one sent gratis for a
full analysis report to this list. If you carry out a full destructive
analysis [the innards are epoxied], a
I wrote:
This isn't one of those namby-pamby one-site phishing MITMs, this is a MITM
of an entire country:
For those who want more details, there's a technical analysis at:
http://blog.jgc.org/2011/01/code-injected-to-steal-passwords-in.html
Full source available via pastebin:
Daniel Silverstone dsilv...@digital-scurf.org writes:
Note that, as the webpage explains, the device is a USB CDC device providing
an asychronous serial port.
Right, but you still need a driver on the host to provide the virtual serial
port, e.g. FTDI's virtual COM port (VCP) or Prolific's
Steven Bellovin s...@cs.columbia.edu writes:
Im typing on a large, heavy, clicky IBM keyboard right now...
I have a 15-year-old one that's still going strong (not a buckling-spring one,
which I was never that much of a fan of, but a keyswitch one), but I'm not
sure what I'd do if this one ever
Marsh Ray ma...@extendedsubset.com writes:
I 'aint no self-appointed moderator of this list and I do find the subject of
economics terribly interesting, but maybe it would make sense to willfully
confine the scope of our discussion of Bitcoin and other virtual currencies
to the crypto side of
James A. Donald jam...@echeque.com writes:
On 2011-06-15 1:29 AM, Ian G wrote:
Which, to my mind was the same sin as the alternate: obsession with
privacy, including to the extent of eliminating the core requirements of
money. The first law of money is that it has to be safe:
Jeffrey Walton noloa...@gmail.com writes:
The 'details' mentioned above is at http://www.schneier.com/blowfish-bug.txt,
and here's the crux of Morgan's report:
[bfinit] chokes whenever the most significant bit
of key[j] is a '1'. For example, if key[j]=3D0x80,
key[j], a signed char,
Nico Williams n...@cryptonector.com writes:
Not so! Please point to some evidence if you wish to insist on this.
GSS-API is pretty Kerberos-y. It may not have it directly baked in, but you
really have to squint at it pretty funny to go beyond Kerberos. I know you
can pretend it's not a
Novikov, Lev lnovi...@mitre.org writes:
There is an existing class of devices and environments (e.g., military and
diplomatic communications) which have particular requirements that are hard
to retrofit into existing crypto APIs (i.e. the logical models are
substantially different).
For example,
Marsh Ray ma...@extendedsubset.com writes:
Right, so one of the lessons learned here was that if IETF had considered
APIs and not just protocols those bugs in TLS would have been found long ago.
A pen-tester I know once found a (fairly serious) security hole under the
influence of (equally
Ian G i...@iang.org writes:
The typical reasons for not using TLS would be
[...]
(c) it only delivers a relatively small subset of a fuller security model.
That's a legitimate reason for using JS crypto. What TLS gives you is the
archetypal armoured car from the guy who lives on a cardboard
Marsh Ray ma...@extendedsubset.com writes:
On 06/22/2011 09:40 AM, Steven Bellovin wrote:
http://www.darkreading.com/advanced-threats/167901091/security/application-security/231000129/malware-increasingly-being-signed-with-stolen-certificates.html
Not surprising to most readers of this list, I
Marsh Ray ma...@extendedsubset.com writes:
It's usually more useful as a means for an platform vendor to enforce its
policies on legitimate developers than as something which delivers increased
security to actual systems.
Symbian being a prime example. With Android it's easier, you just publish
Nico Williams n...@cryptonector.com writes:
Were you aware of any of the above? If so, could you please explain your
comment in a little bit more detail? If not, then please stop slandering the
GSS-API.
Yes, I was aware of that. You can remove the string GSS-API from your
comments and
In case this is useful to anyone, here's the Windows code to use rdrand, to
complement the gcc version for Unix systems. It'll also be present in the
next release of the cryptlib RNG code, available under a GPL, LGPL, or BSD
license, depending on which you prefer.
#if defined( _MSC_VER )
James A. Donald jam...@echeque.com writes:
I rather think it is the right forum, for this forum is applied cryptography,
and application usually requires password handling.
If we are going to go beyond seven bit ascii, unicode is the only thing that
is going to avoid compatibility hell.
I
coderman coder...@gmail.com writes:
H3 should be Gospel: There is Only One Mode and it is Secure
Also known as Grigg's Law. The corollary, for protocols where there *are*
options, is There is one one cipher suite and that is Suite #1.
Peter.
___
Nico Williams n...@cryptonector.com writes:
Why even have a tag?? The ASN.1 Packed Encoding Rules (think ONC XDR with 1-
byte alignment instead of 4-byte alignment) doesn't use tags at all.
Which makes them impossible to statically check, and leads to hellishly
complex decoders.
In
Nico Williams n...@cryptonector.com writes:
In other words, in ASN.1 as it's used you have to know the schema and message
type in order to do a good job of parsing the message,
No you don't. I give as a counterexample dumpasn1, which knows nothing about
message types or schemas, but parses
Nico Williams n...@cryptonector.com writes:
On Wed, Jul 6, 2011 at 12:06 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
(The ASN.1 filter I mentioned earlier is a stripped-down version of dumpasn1.
Remember that dataset of 400K broken certs that NISCC generated a few years
ago
I wrote:
BER and DER are actually the safest encodings of the major security protocols
I work with.
Based on the following, which just appeared on another list:
In contrast to RFC 5280, X.509 does not require DER encoding. It only
requires that the signature is generated across a DER
Sampo Syreeni de...@iki.fi writes:
To my mind the difference seemed to be about shallow versus deep parsing. You
can't really deep parse anything in BER with implicit tagging,
You can deep-parse, you just need to apply some basic heuristics (e.g. if
it's an octet string and the first byte is
Zooko O'Whielacronx zo...@zooko.com writes:
Hm, digging around in my keepsakes cabinet, I unfortunately do not find the
original state transition diagram that I mentioned above, but I do find an
artifact that I wrote a few months later=E2=80=94a sketch of a protocol that
I called ZRTP lite which
Matthijs R. Koot k...@uva.nl writes:
A low-complexity alternative to SSH seems useful and might perhaps allow
validation by formal methods...
Funny you should mention that, I suggested this to someone recently because
it's something that's never been formally analysed and is likely an easy
Ralph Holz h...@net.in.tum.de writes:
The question, after all, is how often do you really read the SSH warnings?
How often do you just type on or retry or press accept? What if you're the
admin who encounters this maybe 2-3 times day?
The August (I think) issue of ;login, the Usenix magazine (
Adam Back a...@cypherspace.org writes:
EKE for web login is decades overdue and if implemented and deployed properly
in the browser and server could pretty much wipe out phishing attacks on
passwords.
We have source code for apache, mozilla, maybe could persuade google; and
perhaps microsoft and
Andy Steingruebl a...@steingruebl.com writes:
The way it for for everyone I knew that went through it was:
1. Sniffing was sort of a problem, but most people didn't care
2. Telnet was quite a bit of a pain, especially when using NAT, and wanting
to do X11 forwarding
3. Typing in your password
Andy Steingruebl a...@steingruebl.com writes:
Hmm, do you know that many sysadmins outside high-security conscious areas
that really cared about typing the root password over telnet, especially back
in 1997? I don't. Academia and banks cared, and often deployed things like
securid or OPIE/SKEY
Ian G i...@iang.org writes:
Microsoft have a big interest in bypassing the status quo, and they've tried
several times. But each time it isn't for the benefit of the users, more for
their own benefit, in that they've tried to rebuild the security
infrastructure with themselves in control.
Jeffrey Walton noloa...@gmail.com writes:
http://www.theregister.co.uk/2011/07/27/chip_crypto_cracked/
That's a really, really misleading tagline. They've successfully attacked the
bitstream encryption for Xilinx FPGAs, and while some of those are used by the
military, they're also used in
Bob Lloyd boblloyd8...@yahoo.com writes:
Has anyone performed an analysis of the security of any of the available
smart card reader/external pin pad solutions? Are they effective at keeping
the pin from being accessible at the host to which the reader is connected?Â
Does anyone have any
http://www.diginotar.com/Portals/0/Skins/DigiNotar_V7_COM/image/home/headerimage/image01.png
The guy in the background must have removed his turban/taqiyah for the photo.
Peter.
___
cryptography mailing list
cryptography@randombit.net
[NB: CC'd to the randombit cryptography list, since this is an interesting
point for discussion].
Ian G i...@iang.org writes:
What we'll likely see now is a series of breaches at multiple levels to
acquire and misuse certs. We've seen compromises in the past, but what makes
this new is
Ralph Holz h...@net.in.tum.de writes:
I have some values from our own scans - scans conducted against hosts on the
Alexa Top 1M list.
Given that that particular Diginotar CA had only issued around 700 certs in
total, that means a significant fraction (at least a quarter, depending on how
many
[Responding to the same three lists as before, please trim followups if you
feel it's off-topic]
In response to my earlier OCSP is unfixably broken, by design comments, a
couple of people have responded off-list with variants of OK smartypants, how
would you do it better?. In order to provide a
Ian G i...@iang.org writes:
Hence, the well-known race-to-the-bottom, which is a big factor in DigiNotar.
Actually I'm not sure that DigiNotar was the bottom, since they seem to have
been somewhat careful about the certs they issued. The bottom is the cert
vending machines that will issue a
Marsh Ray ma...@extendedsubset.com writes:
Do we need then a whole spectrum of Super Validation, Hyper Validation,
and Ludicrous Validation to address the ridiculous deficiencies found in
these current pwned EV CAs?
It has been suggested that we need a kind of meta-CA or CA for CAs (CACA).
Then
Marsh Ray ma...@extendedsubset.com writes:
He wants credit for saving the world from PKI!
He should get it. A number of security practitioners have been trying to tell
the world for more than a decade that this stuff, you know, doesn't actually,
well, work. Whoever's behind this has now made
Ian G i...@iang.org writes:
It is not a new observation that the original threat modelling had flaws you
could drive a truck through :)
You forgot to mention what the SSL/browser PKI threat model actually is, as
first pointed out by some guy called Grigg:
SSL/browser PKI is defined to be
Lucky Green shamr...@cypherpunks.to writes:
Moreover, I noticed that some posts list one or more desirable properties and
requirements together with a proposed solution.
That's the nice thing about PKI, there's more than enough fail to go around.
Everyone gets to fix their own particular bit
Lucky Green shamr...@cypherpunks.to writes:
We are also seeing a near universal call for fixes of the broken PKI
paradigm. I couldn't agree more that fixes - and indeed redesigns - are badly
needed and have been for some 15+ years. Pretty much since the day the word
PKI was coined. What I hear
Andy Steingruebl a...@steingruebl.com writes:
Got a prioritized list? I'll tell you what I'm doing about them. Quite
seriously actually...
See my off-list reply (it's my earlier ref to the EuroPKI talk again :-), I'll
post the slides next week when I've done the talk.
Actually, figuring out
Paul Hoffman paul.hoff...@vpnc.org writes:
We don't all observe that. Some of us observe a third, more likely
approach: nothing significant happens due to this event. The collapse of
faith is only among the security folks whose faith was never there in the
first place. A week after the event, who
Marsh Ray ma...@extendedsubset.com writes:
The CAs can each fail on you independently. Each one is a potential weakest
link in the chain that the Relying Party's security hangs from. So their
reliability statistics multiply:
one CA: 0.99 = 99% reliability
two CAs: 0.99*0.99 = 98%
M.R. makro...@gmail.com writes:
No one actively working against a government that is known to engage in
extra-legal killings will trust SSL secured e-mail to protect him or her from
the government surveillance.
That's a non-sequitur. What you're saying is that no-one working in an
environment
Ralph Holz h...@net.in.tum.de writes:
In the EFF dataset of the full IPv4 space, I find 773,512 such certificates.
Could these be from the bizarro Korean DIY PKI (the NPKI) that they've
implemented? Could you post (or email) some of the certs?
Peter.
Ian G i...@iang.org writes:
When it came to actual failures ... they are silent. Still. But they love
their merry-go-round :)
There are ways to get off the merry-go-round. I've now put the slides for the
talk I'd mentioned last week, that I did at EuroPKI, up at
Arshad Noor arshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the browser,
does not imply that the remaining 99 are compromised (which is what you are
implying with your statement).
Since browser PKI uses universal implicit cross-certification, it
Arshad Noor arshad.n...@strongauth.com writes:
Rather than shoot from the hip, the logical way to propose a solution would
be to write a paper on it and submit it to IDTrust 2012 for discussion. If
it is selected, it will have the merit of having been reviewed and deemed
worthy of discussion.
Ralph Holz h...@net.in.tum.de writes:
I am wondering if we can't get our hands on such a router and do a proof-of-
concept. Anyone in?
In terms of warkitting routers, they're pretty much all vulnerable [0], so all
you'd need to do after that is exploit the CA certs. OTOH if you can warkit
a
James A. Donald jam...@echeque.com writes:
The peers who do the peer reviewing for IDtrust, are not peers at all, but
high priests who review for doctrinal conformity to the consensus of the the
most holy synod,
I know you meant that tongue-in-cheek, but in some cases it's frighteningly
close
Randall Webmail rv...@insightbb.com writes:
Does this warkitting require physical access to the router?
No, it's all remotely done.
(This is why I have two different routers from different vendors between me
and the public internet, and have had this setup for about a decade now).
Peter.
ianG i...@iang.org writes:
C.f., revocation is broken. The disablement of OCSP checking has been ...
e widely suggested.
Which leads to a curious puzzler; if it doesn't work for users, who does it
work for? Ah, the cynicism :P
There are a number of revocation vendors who have (or had, a
Ben Laurie b...@links.org writes:
Well, don't tease. How?
The link I've posted before (but didn't want to keep spamming to the list):
http://www.cs.auckland.ac.nz/~pgut001/pubs/pki_risk.pdf
Peter.
___
cryptography mailing list
Ben Laurie b...@links.org writes:
Wasn't that what SET did?
No. Or at least buried way, way down in a hidden corner there was something
that was a bit like that, sort of like painting one of the toenails on an
elephant, but the vast mass of the rest overwhelmed that one bit.
Peter.
travis+ml-rbcryptogra...@subspacefield.org writes:
If we assume that the lifetime of the cert is there to limit its window of
vulnerability to factoring, brute force, and other attacks against
computational security properties,
Which only occurs in textbooks. It's probably not necessary to
Alfonso De Gregorio a...@crypto.lo.gy writes:
For a past project, I've been engineering a cryptographic appliance running
with Bull TrustWay CC2000
http://support.bull.com/ols/product/security/trustway/c2000/cc2000.html
It is a full-length PCI with on-board key storage.
Can you provide a bit
Martin Paljak mar...@martinpaljak.net writes:
Taking into account the original request of getting something off-the-shelf
for PGP uses, this demand basically just rules out GnuPG for some users and
use cases.
At the risk of slight self-promotion, cryptlib,
Jack Lloyd ll...@randombit.net writes:
For some reason RH legal seems especially frightened of crypto patents; it's
not like dozens of features of gcc, the kernel, etc aren't covered by patents.
They may just be choosing where to fight their battles. If adaptive source
routing (affecting all
JeffH jeff.hod...@kingsmountain.com writes:
Of possible interest:
The weakest link in the chain: Vulnerabilities in the SSL certificate
authority system and what should be done about them
It's not just NGOs that are seeing that browser PKI is the weakest link in
the chain. I was recently told
Particularly interesting is Some Principles of Cryptographic Security -
Summer 1974 - Vol. XIX, No. 3, sort of an updated/revisited version of the
oft-quoted Kerckhoffs's principles.
Peter.
___
cryptography mailing list
cryptography@randombit.net
Landon Hurley ljrhur...@gmail.com writes:
So would the recent $200 hardware break of hdmi encryption.
HDCP was a social, political, and economic fail, not necessarily a crypto
fail. I certainly don't want to denigrate the work that the guys the the Ruhr
Uni did, but you've been able to buy
Marsh Ray ma...@extendedsubset.com writes:
* Here's an example of RSA-512 certificates being factored and used to sign
malware:
http://blog.fox-it.com/2011/11/21/rsa-512-certificates-abused-in-the-wild/
That's an example of *claims* of 512-bit keys being factored, with the
thinking being
Steven Bellovin s...@cs.columbia.edu writes:
Does anyone know of any (verifiable) examples of non-government enemies
exploiting flaws in cryptography?
Could you be a bit more precise about what flaws in cryptography covers? If
you mean exploiting bad or incorrect implementations of crypto then
Solar Designer so...@openwall.com writes:
Here are some examples of 512-bit RSA keys factored:
Right, but that doesn't say anything about what happened here. In every other
case we know of in which malware has been signed by CA-issued certs, the keys
were either stolen or, more rarely, bought
Marsh Ray ma...@extendedsubset.com writes:
On 11/27/2011 09:57 PM, Peter Gutmann wrote:
Unfortunately this doesn't explain how they go the 1024-bit and
longer keys that were also used in the attack.
Is that true? I haven't seen this reported. Link?
Off-list :-). Oh, wait a minute, there's
Steven Bellovin s...@cs.columbia.edu writes:
I'm writing something where part of the advice is don't buy snake oil
crypto, get the good stuff.
I wrote about this back in 2002 in Lessons Learned in Implementing and
Deploying Crypto Software, we've gone from straight snake oil to second-
order
John Levine jo...@iecc.com writes:
It's a theological issue. Some people like it, some people hate it, no
amount of arguing has ever made anyone change his mind about it.
In superior list software such as majordomo2, it's a configurable per-user
option.
In superior mail client software like
Nathan Loofbourrow njl...@gmail.com writes:
On Wed, Nov 30, 2011 at 4:47 PM, Rose, Greg g...@qualcomm.com wrote:
On 2011 Nov 30, at 16:44 , Adam Back wrote:
Are there really any CAs which issue sub-CA for deep packet inspection
aka
doing MitM and issue certs on the fly for everything
ianG i...@iang.org writes:
Is this in anyway a cause for action in contract? Is this a caused for
revocation?
And given that you have to ask the MITM for the revocation information, how
would you revoke such a cert?
And that was Why blacklists suck for validity checks, reason #872 in a series
ianG i...@iang.org writes:
On 1/12/11 15:10 PM, Peter Gutmann wrote:
ianGi...@iang.org writes:
Is this in anyway a cause for action in contract? Is this a caused for
revocation?
And given that you have to ask the MITM for the revocation information, how
would you revoke such a cert?
Wait
Jon Callas j...@callas.org writes:
And I presume you didn't save the cert.
Of course, we just need to have people look for these and then save them.
Cert *chain*, not cert. Save as PKCS #7/Certificate Chain from the browser
dialog.
Peter.
___
Randall Webmail rv...@insightbb.com writes:
What is the proper thing to do when one of those things pops up? (It is NOT a
rare event).
Go to the security settings dialog in your browser, go to Export certificate
(or whatever your browser uses), select Certificate chain / PKCS #7, and
then post
Marsh Ray ma...@extendedsubset.com writes:
Certificate Authority (CA) to Chain to GeoTrust's Ubiquitous Public
Root
[...]
SAN FRANCISCO, RSA CONFERENCE, Feb. 14
February of which year? If it's from this year then they're really late to
the party, commercial CAs have been doing this for
Ben Laurie b...@links.org writes:
They appear to actually be selling sub-RA functionality, but very hard to
tell from the press release.
OK, so it does appear that people seem genuinely unaware of both the fact that
this goes on, and the scale at which it happens. Here's how it works:
1. Your
Adam Back a...@cypherspace.org writes:
Start of the thread was that Greg and maybe others claim they've seen a cert
in the wild doing MitM on domains the definitionally do NOT own.
It's not just a claim, I've seen them too. For example I have a cert issued
for google.com from such a MITM proxy.
Adam Back a...@cypherspace.org writes:
a public MitM proxy? Or a corporate LAN.
Private organisation.
That intermediate CA needs publishing, and the CA that issued it.
I was asked not to reveal details and I won't, but in any case I don't know
whether it would achieve much. For the case of
Adam Back a...@cypherspace.org writes:
[WAP wildcard certs]
That is bad. Are you saying there is anyone doing SSL mitm for stream
compression reasons? Who?
The use of wildard certs in WAP gateways came up from the SSL Observatory
work... hmm, there's at least a mention of it in An Observatory
Adam Back a...@cypherspace.org writes:
I wonder what that even means. *.com issued by a sub-CA? that private key
is a massive risk if so! I wonder if a *.com is even valid according to
browsers. Or * that would be funny.
No idea, but remember that it's not general-purpose browsers, it's
ianG i...@iang.org writes:
PS; we need a better name than DPI MITM. For some reason I'm thinking of WITM.
Given that the whole reason for doing this silly-walk in the first place was to
protect us against MITMs, I wouldn't use WITM, I'd call it a WTFITM.
Peter.
Ondrej Mikle ondrej.mi...@nic.cz writes:
How do MitM boxes react when they MitM connection to a server with self-
signed cert (or cert issued by an obsure CA not trusted by MitM box)?
For one example, see
Lucky Green shamr...@cypherpunks.to writes:
If the concern is that employees receive security warnings when accessing in-
house websites, the standard solution is to push out a corporate root via AD,
which is transparent and works quite well.
And once they get AD and/or WSUS ported to OS X and
Ondrej Mikle ondrej.mi...@nic.cz writes:
Sorry, my bad. Mismatch in my thinking-editing coordination. Originally I
wanted to ask whether you encountered a breach that was not over all the
news, but a rather localized incident at the places you and Lucky described.
Or heard about one from
Sandy Harris sandyinch...@gmail.com writes:
I am in China. How could I test whether the Great Firewall's packet sniffers
have such a cert.?
I'd be kinda surprised if they did that because it's meant to be surreptitious
and the Great Firewall isn't exactly a state secret. I'd just use the
Ondrej Mikle ondrej.mi...@nic.cz writes:
Matches my observations, especially when looking at CRLs of some small CAs
(company internal). I had a hunch some of those revocations could be due to
CA compromise, but from my point of view it is be only a speculation. I
appreciate sharing your
Earlier in the discussion there were questions about why a service provider
would want to MITM their customers. This has now been answered by a service
provider: It's to protect the children. From
http://patrick.seurre.com/?p=42
Three's policy with regards to filtering is intended to
d...@geer.org writes:
This is already standard practice for malware-laden sites, to
the extent that it's severely affecting things like Google Safe
Browsing and Facebook's link scanner, because Google and Facebook
always get to see benign content and only the end user gets the
malware.
Ondrej Mikle ondrej.mi...@nic.cz writes:
It's issued by A-Trust (not A-Data).
Well I had to put something in there to validate the Any inadvertent mangling
of details was my fault :-).
The Hongkong Post certs lack EKU extension, but 'key usage' does not contain
'digital signature'. That makes
1 - 100 of 226 matches
Mail list logo