Full Disclosure mailing list archives

Re: MSN Passport Cert improperly issued

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 18 Mar 2006 17:09:10 +1300

Babak Pasdar wrote:

It seems that MSN's cert for private login to the passport site is
issued for the wrong domain.


So?

Given what that cert means even if it is "right" (i.e. diddly squat -- 
basically someone paid some money to a company that your browser 
recognizes as a CA), it tells you nothing really important, so why 
sweat it being "wrong"?


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

MSN Passport Cert improperly issued Babak Pasdar (Mar 17)
- <Possible follow-ups>
- MSN Passport Cert improperly issued Babak Pasdar (Mar 17)
  - Re: MSN Passport Cert improperly issued Tim (Mar 17)
  - Re: MSN Passport Cert improperly issued Nick FitzGerald (Mar 17)
- Re: MSN Passport Cert improperly issued bigdaddyzeroday (Mar 17)
  - Re: MSN Passport Cert improperly issued Tim (Mar 17)