Full Disclosure mailing list archives
VerySign Class 1 Authority - bogus SSL certificate?
From: Chris van der Pennen <chris () sw gotdns org>
Date: Wed, 2 Jun 2004 07:39:31 +0930 (Cen. Australia Standard Time)
I've been getting SSL certificates from various websites recently that are apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign. The certificate expired 6 December 2002. The data in Issued To and Issued By are identical. This smells very much like an SSL hijack attempt - can anyone shed some light on the situation? Chris _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- VerySign Class 1 Authority - bogus SSL certificate? Chris van der Pennen (Jun 01)
- Re: VerySign Class 1 Authority - bogus SSL certificate? Sebastian Krahmer (Jun 02)
- RE: VerySign Class 1 Authority - bogus SSL certificate? Aditya, ALD [Aditya Lalit Deshmukh] (Jun 02)
- Re: VerySign Class 1 Authority - bogus SSL certificate? Valdis . Kletnieks (Jun 02)
- Re: VerySign Class 1 Authority - bogus SSL certificate? Nicola Del Vacchio (Jun 02)