oss-sec mailing list archives

Re: attacking hsts through ntp

From: Lukas Reschke <lukas () statuscode ch>
Date: Thu, 16 Oct 2014 21:31:53 +0200

On 16 Oct 2014, at 17:56, Kurt Seifried <kseifried () redhat com> wrote:
email agm () chromium org asking to be added to the whitelist, from the
domain you want white listed (otherwise they tend to ignore it). Usually
within a few business days they'll add it to the source code, and then
in the next browser update they will update the list and you will now be
white listed.


There is a fancy new way via web to submit domains: https://hstspreload.appspot.com/
(link can also be found at http://www.chromium.org/sts)

Current thread:

attacking hsts through ntp Hanno Böck (Oct 16)
- Re: attacking hsts through ntp Kurt Seifried (Oct 16)
  - Re: attacking hsts through ntp Lukas Reschke (Oct 16)
  - Re: attacking hsts through ntp Hanno Böck (Oct 16)
    - Re: attacking hsts through ntp Kurt Seifried (Oct 16)
    - Re: attacking hsts through ntp Hanno Böck (Oct 16)
    - Re: attacking hsts through ntp Kurt Seifried (Oct 16)
    - Re: attacking hsts through ntp Michal Zalewski (Oct 16)
    - Re: attacking hsts through ntp Hanno Böck (Oct 16)
    - Re: attacking hsts through ntp Adam Langley (Oct 16)
- Re: attacking hsts through ntp Michael Samuel (Oct 16)
  - Re: attacking hsts through ntp Kurt Seifried (Oct 16)
    - Re: attacking hsts through ntp Hanno Böck (Oct 17)

(Thread continues...)