Security team successfully cracks SSL using 200 PS3's and MD5
ge at linuxbox.org
Fri Jan 2 20:53:06 CST 2009
On Fri, 2 Jan 2009, Dragos Ruiu wrote:
> www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation;
You can't really use any snort rule to detect SHA-1 certs created by a
fake authority created using the MD5 issue.
Yes, this is a serious matter, but it hardly has any operational impact to
speak of for users and none for NSPs.
More information about the NANOG