Security team successfully cracks SSL using 200 PS3's and MD5

Christopher Morrow morrowc.lists at gmail.com
Sat Jan 3 00:31:08 CST 2009


On Fri, Jan 2, 2009 at 10:44 PM, Dragos Ruiu <dr at kyx.net> wrote:
>
> On 2-Jan-09, at 6:53 PM, Gadi Evron wrote:
>>
>> Yes, this is a serious matter, but it hardly has any operational impact to
>> speak of for users and none for NSPs.
>
> Dunno. Last I checked NSPs had web servers too. :-P

so, aside from 'get a re-issued cert signed SHA-1 from an approved CA
that's SHA-1 signed as well' what's the recourse for an NSP?

-chris




More information about the NANOG mailing list