Intrepidus Group
Insight

Monthly Archives: December 2008

More than one way to skin a CA

Posted: December 31, 2008 – 10:22 pm | Author: | Filed under: Uncategorized

Alex Sotirov, Jacob Appelbaum, and crew did some awesome work. They showed that it was possible to exploit RapidSSL’s use of MD5 for signing certificates in order to create their own rogue CA signing certificate. This exploitation is many orders of magnitude more severe than when I used a loop hole to get the login.live.com […]

image

This site is protected with Urban Giraffe's plugin 'HTML Purified' and Edward Z. Yang's Powered by HTML Purifier. 24491 items have been purified.