I've been reading/hearing different opinions on the recent vulnerability
for cert chain forging that was patched (CVE-2015-1793).
Some people are saying the vulnerability only exists if a system is using
certificate-based client authentication (mutual auth, where both server and
client are
using
server authentication.
Thanks again,
Colin Edwards
CISSP, GCIH, GCWN, GSEC, MCSE
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Kurt Roeckx
Sent: Tuesday, July 14, 2015 1:06 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users
