On 03.01.2009 04:59, Eddy Nigg wrote:
> The report is available from here: https://blog.startcom.org/?p=161
That's surely interesting, but the report does not contain any details
of interest.
It only says
"The attack ... involved proxying, intercepting all communication from
and to the browser and eventually modification of the browser response
to the server. A tool like
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project was used
for the attack."
That's all it says about the problem. Which tells me nothing, other than
that the *user*'s browser might have been involved in some critical
verification steps.
Other info:
"Only low-assurance Class 1 certificates were involved."
He passed all your tests and you only noticed, because he tried to get a
cert for verisign/paypal.com, which are on your blacklist. While that's
a good idea, it obviously wouldn't have prevented registration of other
targets.
So, what really happened and why? How is the browser at all relevant in the
verification steps?
Ben
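Added illustration, not part of the thread and not a reconstruction of the StartCom flow (the quoted report gives no detail of which step was affected): the general class of problem the report hints at, where an intercepting proxy rewrites what the browser sends to the server. The `weak_issue` function trusts a client-supplied field; `DomainValidator` keeps the only record of domain control on the server, so rewriting the request changes nothing. All names, the `validated` field and the blocklist contents are constructed for the example; the blocklist mirrors the high-value-name blacklist mentioned above.

```python
import secrets
from dataclasses import dataclass, field

# Constructed: mirrors the blacklist of high-value names mentioned in the thread.
HIGH_VALUE_BLOCKLIST = {"paypal.com", "verisign.com"}


def weak_issue(request: dict) -> bool:
    """Weak pattern: the issuance decision depends on a 'validated' field that
    arrived in the browser's request. Anything in that request can be rewritten
    by a proxy sitting between browser and server, so the flag proves nothing.
    The blocklist catches a few famous names, but no others (Ben's point)."""
    return (request.get("validated") == "1"
            and request.get("domain") not in HIGH_VALUE_BLOCKLIST)


@dataclass
class DomainValidator:
    """Stronger pattern: the only evidence of domain control is a server-side
    record created when an unguessable challenge token is returned."""
    pending: dict = field(default_factory=dict)    # token -> (account, domain)
    validated: set = field(default_factory=set)    # {(account, domain)}

    def start(self, account: str, domain: str) -> str:
        """Begin validation; the token would be delivered out of band
        (e.g. to an administrative address at `domain`), never via the browser."""
        token = secrets.token_urlsafe(32)
        self.pending[token] = (account, domain)
        return token

    def confirm(self, token: str) -> bool:
        """Mark the (account, domain) pair validated. Single use: a replayed
        or guessed token is rejected."""
        entry = self.pending.pop(token, None)
        if entry is None:
            return False
        self.validated.add(entry)
        return True

    def issue(self, account: str, request: dict) -> bool:
        """Decide issuance from server-side state only. Any extra field in the
        browser's request, such as 'validated', is ignored."""
        domain = request.get("domain", "")
        if domain in HIGH_VALUE_BLOCKLIST:
            return False
        return (account, domain) in self.validated


def tamper(request: dict) -> dict:
    """Models a rewrite of a browser->server message by an intercepting proxy:
    the request is returned with a 'validated' field forced to '1'."""
    return {**request, "validated": "1"}


if __name__ == "__main__":
    req = {"domain": "example.org"}
    print("weak, tampered request :", weak_issue(tamper(req)))   # True: flag trusted
    v = DomainValidator()
    print("strong, tampered request:", v.issue("acct", tamper(req)))  # False
    tok = v.start("acct", "example.org")
    v.confirm(tok)
    print("strong, after challenge :", v.issue("acct", req))          # True
```

The design point is that the server must be able to answer "was this domain validated for this account?" from its own records alone; the moment that answer is influenced by a value the browser submitted, an interception proxy becomes a validation bypass, and a blocklist of famous names only narrows which domains it works for.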
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto