Full Disclosure mailing list archives

Re: Five Ways to Screw Up SSL

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Sun, 21 May 2006 20:04:49 -0400

On 5/21/06, Ginsu Rabbit <ginsurabbit () hotmail com> wrote:
Stuff



The only thing that matters about SSL is the fact that it encrypts the
data. You can reduce your checklist to:
-----------------------------------------------------
1: Make sure you use a good cipher |
-----------------------------------------------------

Why would it matter who signed it? As long as the data is encrypted as
it travels over the internet, I am happy.

Self signed is just as encrypted as Verisigned.

-JP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Five Ways to Screw Up SSL Ginsu Rabbit (May 21)
- Re: Five Ways to Screw Up SSL Michal Zalewski (May 21)
  - Re: Five Ways to Screw Up SSL Ginsu Rabbit (May 21)
    - Re: Five Ways to Screw Up SSL Dude VanWinkle (May 21)
    - Re[2]: Five Ways to Screw Up SSL Thierry Zoller (May 21)
    - Re: Re[2]: Five Ways to Screw Up SSL Dude VanWinkle (May 22)
    - Re: Five Ways to Screw Up SSL Michael Holstein (May 22)
    - Re: Five Ways to Screw Up SSL Dude VanWinkle (May 22)
    - Re: Five Ways to Screw Up SSL Valdis . Kletnieks (May 22)
    - Re: Five Ways to Screw Up SSL Brian Dessent (May 22)
    - Re: Five Ways to Screw Up SSL Dude VanWinkle (May 23)
    - Re: Five Ways to Screw Up SSL Brian Eaton (May 23)
    - Re: Five Ways to Screw Up SSL Dude VanWinkle (May 23)
    - Re: Five Ways to Screw Up SSL Michael Holstein (May 22)

(Thread continues...)