> The code injection occurred on an interface they had to check the
> certificate of an arbitrary server. When 127.0.0.1 was used, the
> trustico.com certificate was returned. That means the local web server
> was handling TLS, not a remote load balancer solution (unless somehow
> 127.0.0.1 was forwarding to a remote host, which doesn't really make any
> sense).
>
> --
> Hector Martin "marcan" (mar...@marcan.st)
> Public Key: https://mrcn.st/pub

Did *anyone* capture this information in a way that can be proven? While I personally would not trust any content from either hostname, the Twitter post referenced earlier is not sufficient proof of key compromise.