Security Basics mailing list archives

SSL protocol flaw, request for opinions

From: Juan Velasquez <juan () EvolutionH com>
Date: Thu, 20 Feb 2003 21:46:24 -1000

I just read this story which explains how the Swiss Federal Institute ofTechnologyexploited a flaw in the SSL protocol to hijack an 8 character passwordfrom a bunch of SSL encrypted email logins.

I was surprised. What does the security community think of this?

http://www.newscientist.com/news/news.jsp?id=ns99993420


--

Juan Velasquez
Juan () EvolutionhH com

Current thread:

SSL protocol flaw, request for opinions Juan Velasquez (Feb 22)
- Re: SSL protocol flaw, request for opinions Gayle Shipp (Feb 24)
- RE: SSL protocol flaw, request for opinions Benjamin Meade (Feb 24)
- Re: SSL protocol flaw, request for opinions Angelo Perniola (Feb 24)
- Re: SSL protocol flaw, request for opinions Naveen Maram (Feb 24)