Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Deepak Jain deepak at ai.net
Fri Jan 2 15:16:20 CST 2009


> ssl itself wasn't cracked they simply exploited the known vulnerable
> md5
> hashing.  Another hashing method needs to be used.

The encryption algorithm wasn't hacked. Correct. Another hashing method 
may help. Yup. 

My problem is with the chain-of-trust and a lack of reasonable or reasonably reliable (pick) 
ways of revoking certificates. 

Deepak




More information about the NANOG mailing list