Re: Serious bug in ubiquitous OpenSSL library: Heartbleed

2014-04-08 Thread Maxim Khitrov
It's bad. I decided to test my servers after updating them. Took me about 3 hours to write a working implementation of this attack without any prior knowledge of TLS internals. It's easy to do, pretty much impossible to detect, and it's going to spread quickly. Shut down your https sites and any

Re: Fwd: Serious bug in ubiquitous OpenSSL library: Heartbleed

2014-04-08 Thread Maxim Khitrov
On Tue, Apr 8, 2014 at 4:35 AM, Randy Bush ra...@psg.com wrote: I'm really surprised no one has mentioned this here yet... we're all too damned busy updating and generating keys you might like (thanks smb, or was it sra) openssl s_client -connect google.com:443 -tlsextdebug 2>&1 | grep

Re: Serious bug in ubiquitous OpenSSL library: Heartbleed

2014-04-08 Thread Maxim Khitrov
Here's mine, written in Go: http://code.google.com/p/mxk/source/browse/go1/tlshb/ To build the binary, install Mercurial, install Go (golang.org), set GOPATH to some empty directory, then run: go get code.google.com/p/mxk/go1/tlshb - Max On Tue, Apr 8, 2014 at 12:16 PM, Patrick W. Gilmore

Re: Gmail and SSL

2013-01-03 Thread Maxim Khitrov
On Thu, Jan 3, 2013 at 12:14 AM, Damian Menscher dam...@google.com wrote: Back on topic: encryption without knowing who you're talking to is worse than useless (hence no self-signed certs which provide a false sense of security), and there are usability difficulties with exposing strong

Re: Gmail and SSL

2012-12-14 Thread Maxim Khitrov
On Fri, Dec 14, 2012 at 10:52 AM, Peter Kristolaitis alte...@alter3d.ca wrote: On 12/14/2012 10:47 AM, Randy wrote: I don't have hundreds of dollars to get my ssl certificates signed You can get single-host certificates issued for free from StartSSL, or for very cheaply (under $10) from

Re: Looking for recommendation on 10G Ethernet switch

2012-11-02 Thread Maxim Khitrov
On Fri, Nov 2, 2012 at 4:10 PM, Jeff Wheeler j...@inconcepts.biz wrote: On Fri, Nov 2, 2012 at 11:13 AM, Eric Germann egerm...@limanews.com wrote: I'm looking for a recommendation on a smallish 10G Ethernet switch for a small virtualization/SAN implementation (4-5 hosts, 2 SAN boxes) over