Bugtraq mailing list archives
Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
From: "Ben Laurie" <benl () google com>
Date: Tue, 12 Aug 2008 14:31:00 +0100
On Tue, Aug 12, 2008 at 9:55 AM, Clausen, Martin (DK - Copenhagen) <mclausen () deloitte dk> wrote:
You could use the SSL Blacklist plugin (http://codefromthe70s.org/sslblacklist.asp) for Firefox or heise SSL Guardian (http://www.heise-online.co.uk/security/Heise-SSL-Guardian--/features/11 1039/) for IE to do this. If presented with a Debian key the show a warning. The blacklists are implemented using either a traditional blacklist (text file) or distributed using DNS.
Browser plugins do not assist RPs.
Current thread:
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory, (continued)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla (Aug 08)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Forrest J. Cavalier III (Aug 12)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 12)
- key blacklisting & file size (was: OpenID/Debian PRNG/DNS Cache poisoning advisory) Solar Designer (Aug 08)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Florian Weimer (Aug 12)
- Message not available
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 08)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Stefan Kanthak (Aug 12)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Tim Dierks (Aug 12)
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Leichter, Jerry (Aug 08)
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory Clausen, Martin (DK - Copenhagen) (Aug 12)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Ben Laurie (Aug 12)