[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Subject: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: smb at cs.columbia.edu (Steven M. Bellovin)
Date: Fri, 2 Jan 2009 12:06:36 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On Fri, 2 Jan 2009 17:53:55 +0100
"Terje Bless" <link at pobox.com> wrote:

> On Fri, Jan 2, 2009 at 5:44 PM,  <Valdis.Kletnieks at vt.edu> wrote:
> > Hmm... so basically all deployed FireFox and IE either don't even
> > try to do a CRL, or they ask the dodgy certificate "Who can I ask
> > if you're dodgy?"
> 
> Hmm. Don't the shipped-with-the-browser trusted root certificates
> include a CRL URL?
> 
> 
Every CA runs its own CRL server -- it has to be that way.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb

Follow-Ups:
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: jasper at unleash.co.nz (Jasper Bryant-Greene)

References:
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: jgreco at ns.sol.net (Joe Greco)
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: link at pobox.com (Terje Bless)

Prev by Date: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Next by Date: Security team successfully cracks SSL using 200 PS3's and MD5
Previous by thread: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Next by thread: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Index(es):
- Date
- Thread