nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The state-level attack on the SSL CA security model

From: Richard Barnes <richard.barnes () gmail com>
Date: Thu, 24 Mar 2011 10:59:45 -0400
Which is especially funny since Comodo is citing the fact that they've
had no OCSP requests for the bad certs as evidence that they haven't
been used.

--Richard



On Thu, Mar 24, 2011 at 10:53 AM, Tony Finch <dot () dotat at> wrote:

Harald Koch <chk () pobox com> wrote:


This story strikes me as a success - the certs were revoked immediately, and
it took a surprisingly short amount of time for security fixes to appear all
over the place.


It would have been much easier if certificate revocation actually worked
properly.

http://www.imperialviolet.org/2011/03/18/revocation.html

Tony.
--
f.anthony.n.finch  <dot () dotat at>  http://dotat.at/
Viking, North Utsire, South Utsire: Westerly veering northerly, 4 or 5,
occasionally 6 at first. Moderate or rough. Occasional rain. Moderate or good,
occasionally poor at first.
Previous By Date Next
Previous By Thread Next

Current thread: