Security Basics mailing list archives
Re: wildcard SSL, is this a bad thing?
From: Andre Pawlowski <sqall () h4des org>
Date: Fri, 24 Apr 2009 08:30:53 +0200
The only risk I can see is that this certificate can match to more than only your 4 servers. If someone can crack your network and set up a server with a domain foobar.intranet.company.com he can use this certificate (and no one will get a missmatch) for this server.
But despite this scenario I would do the same thing for your problem. -- [] Andre Pawlowski visit http://h4des.org ------------------------------------------------------------------------ This list is sponsored by: InfoSec InstituteLearn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------
Current thread:
- wildcard SSL, is this a bad thing? robsonde (Apr 20)
- Re: wildcard SSL, is this a bad thing? kalgecin () gmail com (Apr 21)
- <Possible follow-ups>
- wildcard SSL, is this a bad thing? Derek Robson (Apr 20)
- Cyberspies hacked into $300 billion U.S. fighter Leonardo Dutra (Apr 22)
- Re: Cyberspies hacked into $300 billion U.S. fighter Marco M. Morana (Apr 24)
- Re: Cyberspies hacked into $300 billion U.S. fighter J. Oquendo (Apr 24)
- RE: Cyberspies hacked into $300 billion U.S. fighter Enquiries @ Globalart 4u (Apr 24)
- Re: Cyberspies hacked into $300 billion U.S. fighter J. Oquendo (Apr 24)
- Cyberspies hacked into $300 billion U.S. fighter Leonardo Dutra (Apr 22)
- Re: wildcard SSL, is this a bad thing? Andre Pawlowski (Apr 24)