Security team successfully cracks SSL using 200 PS3's and MD5

Robert Mathews (OSIA) mathews at
Fri Jan 2 17:56:19 UTC 2009

Joe Greco wrote:
>  [ ....  ]
> Either we take the potential for transparent MitM attacks seriously, or 
> we do not.  I'm sure the NSA would prefer "not."  :-)
> As for the points raised in your message, yes, there are additional
> problems with clients that have not taken this seriously.  It is, however,
> one thing to have locks on your door that you do not lock, and another
> thing entirely not to have locks (and therefore completely lack the
> ability to lock).  I hope that there is some serious thought going on in
> the browser groups about this sort of issue.
>  [ ... ]
> ... JG

F Y I, see:

SSL Blacklist 4.0 - for a Firefox extension able to detect 'bad'
certificates @


More information about the NANOG mailing list