Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Steven M. Bellovin
smb at cs.columbia.edu
Fri Jan 2 17:06:36 UTC 2009
On Fri, 2 Jan 2009 17:53:55 +0100
"Terje Bless" <link at pobox.com> wrote:
> On Fri, Jan 2, 2009 at 5:44 PM, <Valdis.Kletnieks at vt.edu> wrote:
> > Hmm... so basically all deployed FireFox and IE either don't even
> > try to do a CRL, or they ask the dodgy certificate "Who can I ask
> > if you're dodgy?"
>
> Hmm. Don't the shipped-with-the-browser trusted root certificates
> include a CRL URL?
>
>
Every CA runs its own CRL server -- it has to be that way.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list