Full Disclosure mailing list archives
Re: Mozilla Thunderbird SMTP down-negotiation weakness
From: Steve Friedl <steve () unixwiz net>
Date: Fri, 14 Oct 2005 21:48:52 -0700
On Sat, Oct 15, 2005 at 06:10:35AM +0300, Markus Jansson wrote:
Lets not forget that STILL all Mozilla products fail to show RSA/asymmetric keysize in any sensible format.
There are exactly seven people on the planet who will actually make different surfing decisions based on the symmetric key size shown in a browser, and you're one of them - I don't know where the other six are. When the majority of people can't figure out whether they are visiting their bank or not, will say "Sure, accept that SSL cert" even when ID'd as "Joe's Phishing Gang", and believe that the McAfee A/V which came with their Dell PC 3 years ago is still current, your being hysterically concerned about keysize (as you have on BroadbandReports for years) sure seems like nothing in perspective. Steve --- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | steve () unixwiz net _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mozilla Thunderbird SMTP down-negotiation weakness Thomas Henlich (Oct 14)
- Security Scanners Adriel Desautels (Oct 15)
- <Possible follow-ups>
- Mozilla Thunderbird SMTP down-negotiation weakness Markus Jansson (Oct 14)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Steve Friedl (Oct 14)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Tim (Oct 14)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Markus Jansson (Oct 15)
- Re: Mozilla Thunderbird SMTP down-negotiation weakness Tim (Oct 16)