Re: Combining OCSP stapling with advance MITM preparation

2012-04-06 Thread Brian Smith
Kai Engert wrote: > The domain owner could configure their server to include this OCSP response in all TLS handshakes, even though this OCSP response is unrelated to the server certificate actually being used. For complete protection, the real domain holder would have to staple all the OCSP

Re: Combining OCSP stapling with advance MITM preparation

2012-02-23 Thread Robert Relyea
On 02/23/2012 11:52 AM, Kai Engert wrote: As soon as the certificate has been revoked, the domain owner is able to obtain an OCSP response for the rogue certificate. The domain owner could configure their server to include this OCSP response in all TLS handshakes, even though this OCSP respo

Re: Combining OCSP stapling with advance MITM preparation

2012-02-23 Thread Kai Engert
On 23.02.2012 20:53, Kai Engert wrote: I've just sent the following message to Mozilla's dev-tech-crypto mailing list, and I thought you might be interested, too. I apologize for the double post, the second post was intended for a different mailing list... -- dev-tech-crypto mailing list de

Combining OCSP stapling with advance MITM preparation

2012-02-23 Thread Kai Engert
I've just sent the following message to Mozilla's dev-tech-crypto mailing list, and I thought you might be interested, too. While working on an updated paper of the MECAI proposal (which I hope to post in the next couple of days), the following orthogonal idea came to me. I don't know whether

Combining OCSP stapling with advance MITM preparation

2012-02-23 Thread Kai Engert
While working on an updated paper of the MECAI proposal (which I hope to post in the next couple of days), the following orthogonal idea came to me. I don't know whether it is a new idea, or whether it has been discussed/mentioned before. Let's say the owner of a domain learns that a rogue cer
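The client-side half of the idea in the messages above, as an added example that is not code from the thread, from NSS or from Mozilla: the client keeps every fresh, correctly signed stapled OCSP response it sees, including responses whose CertID does not match the certificate used in the handshake, so that a rogue certificate the real domain owner has stapled a "revoked" response for is rejected on a later visit even when the attacker staples nothing. Certificates, OCSP responses and the responder signature check are modelled as plain Python objects (a real client parses DER per RFC 6960 and verifies the responder's signature); the class and field names, the sample serials and the validity windows are assumptions.

```python
"""Model of a stapling cache that matches OCSP responses to certificates by
CertID (issuer name hash, issuer key hash, serial) rather than assuming a
stapled response refers to the presented certificate.  Added example; the
data structures stand in for real X.509/OCSP DER and are not a parser."""
from dataclasses import dataclass
from hashlib import sha1


@dataclass(frozen=True)
class CertID:
    """RFC 6960 CertID: hash of issuer name, hash of issuer public key, serial."""
    issuer_name_hash: bytes
    issuer_key_hash: bytes
    serial: int


@dataclass(frozen=True)
class Certificate:
    """Minimal end-entity certificate model (constructed, not X.509 DER)."""
    subject: str
    issuer_name: str
    issuer_key: bytes
    serial: int

    def cert_id(self) -> CertID:
        return CertID(sha1(self.issuer_name.encode()).digest(),
                      sha1(self.issuer_key).digest(), self.serial)


@dataclass(frozen=True)
class OCSPResponse:
    """Single-cert OCSP response: status plus validity window (epoch seconds).
    signature_valid stands in for verifying the responder's signature."""
    cert_id: CertID
    status: str            # "good" | "revoked" | "unknown"
    this_update: float
    next_update: float
    signature_valid: bool


class StaplingCache:
    def __init__(self) -> None:
        self._by_id: dict[CertID, OCSPResponse] = {}

    def ingest_stapled(self, responses, now: float) -> None:
        """Keep every fresh, correctly signed response, whether or not its
        CertID matches the certificate used in this handshake; a newer
        response for the same CertID replaces an older one."""
        for r in responses:
            if not r.signature_valid:
                continue                      # unsigned/forged: ignore
            if not (r.this_update <= now <= r.next_update):
                continue                      # not yet valid or expired
            prev = self._by_id.get(r.cert_id)
            if prev is None or r.this_update > prev.this_update:
                self._by_id[r.cert_id] = r

    def evaluate(self, presented: Certificate, stapled, now: float) -> str:
        """Status for the presented certificate from cache plus this
        handshake's staples.  Responses are matched by CertID, so a stapled
        'good' for some other certificate never covers the presented one."""
        self.ingest_stapled(stapled, now)
        r = self._by_id.get(presented.cert_id())
        if r is None:
            return "no-status"                # fall back to normal policy
        if now > r.next_update:
            return "stale"
        return r.status


def scenario():
    """Constructed walk-through: a real cert, a mis-issued rogue cert for the
    same name from the same CA, and a later MITM presenting the rogue cert."""
    issuer_key = b"constructed-ca-public-key"
    real = Certificate("example.com", "Example CA", issuer_key, 1001)
    rogue = Certificate("example.com", "Example CA", issuer_key, 4242)
    t0 = 1_000_000.0
    week = 7 * 86400
    good_real = OCSPResponse(real.cert_id(), "good", t0, t0 + week, True)
    revoked_rogue = OCSPResponse(rogue.cert_id(), "revoked", t0, t0 + week, True)
    forged_good = OCSPResponse(rogue.cert_id(), "good", t0, t0 + week, False)

    cache = StaplingCache()
    # Visit 1: the genuine server staples its own response plus the revoked
    # response for the rogue certificate (advance preparation).
    first = cache.evaluate(real, [good_real, revoked_rogue], t0 + 60)
    # Visit 2: a MITM presents the rogue certificate and staples nothing.
    second = cache.evaluate(rogue, [], t0 + 3600)
    # Same MITM, but staples the real cert's 'good' response and a forged
    # 'good' for the rogue cert: CertID matching and the signature check
    # keep the cached 'revoked' verdict.
    third = cache.evaluate(rogue, [good_real, forged_good], t0 + 3600)
    # A client that never saw the genuine server has nothing to go on.
    fourth = StaplingCache().evaluate(rogue, [forged_good], t0 + 3600)
    return first, second, third, fourth


if __name__ == "__main__":
    print(scenario())
```

The cache only helps a client that visited the genuine server before the attack, which is the "advance" part of the proposal; a first-time visitor still needs some other revocation path, and the cache must be keyed on the full CertID so that an unrelated certificate sharing a serial number under a different issuer is not matched.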