Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Administrivia: List Compromised due to Mailman Vulnerability

From: Frank Knobbe <frank () knobbe us>
Date: Wed, 09 Feb 2005 14:14:35 -0600
On Wed, 2005-02-09 at 15:01 -0500, Valdis.Kletnieks () vt edu wrote:

To prevent getting lulled into a phishing scam, could you please confirm
the fingerprints of the self-signed SSL certificate that mailman is
running on?  :)


Bonus points if the fingerprint is in a mail that's digitally signed, so we
know the phisher isn't faking the mail....

Hand me some more tinfoil, will ya? :)


heh... nah, having John look at the cert and say "Yup, that's mine" is
enough of a trust-level for me. (On the other hand, if he says "Oh
shit!" then the verification step has served its purpose :)

Cheers,
Frank (who knows he's being watched ;)

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: