Skip to Content.
Sympa Menu

cacert-sysadm - Re: new SSL Attacks

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

Re: new SSL Attacks


Chronological Thread 
  • From: Ian G <iang AT iang.org>
  • To: CAcert System Administrators <cacert-sysadm AT lists.cacert.org>, "CAcert Code Development list." <cacert-devel AT lists.cacert.org>
  • Subject: Re: new SSL Attacks
  • Date: Thu, 30 Jul 2009 17:07:55 +0200

On 30/7/09 16:36, Ian G wrote:
On 30/7/09 16:07, Henrik Heigl - cacert.org wrote:
Hy there,

in the past we also have to deal with the news from SSL attacks. There
is a new one:
http://blogs.itworldcanada.com/security/2009/07/30/learnings-from-blackhat-new-attacks-on-ssl/

So I ask if there is anything to say here from CAcert?! I want to send
out some PR on that...


OK, good question! We are supposed to be leaders in security :)

The article is fairly light, so not a lot to say. If there are better
articles like the actual presentations, that might help...


I haven't time to chase these but here's a slice of articles from my security sp@m service:



More holes found in Web's SSL security protocol
http://www.networkworld.com/news/2009/073009-more-holes-found-in-webs.html
comment
http://www.garlic.com/~lynn/2009k.html#38
Researchers exploit SSL and domain flaws
http://news.zdnet.com/2100-9595_22-326500.html
Wildcard certificate spoofs web authentication
http://www.theregister.co.uk/2009/07/30/universal_ssl_certificate/
Kaminsky reveals key flaws in X.509 SSL certificates at Black Hat
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1363108,00.html
More Holes Found in Web's SSL Security Protocol
http://tech.yahoo.com/news/pcworld/20090730/tc_pcworld/moreholesfoundinwebssslsecurityprotocol
More holes found in Web's SSL security protocol
http://www.computerworld.com/s/article/9136074/More_holes_found_in_Web_s_SSL_security_protocol
More Holes Found in Web's SSL Security Protocol
http://www.pcworld.com/businesscenter/article/169313/more_holes_found_in_webs_ssl_security_protocol.html
More holes found in Web's SSL security protocol Security Central
http://www.infoworld.com/d/security-central/more-holes-found-in-webs-ssl-security-protocol-644
BIND 9 DNS under attack - time to update - InternetNews:The Blog -
Sean Michael Kerner
http://blog.internetnews.com/skerner/2009/07/bind-9-dns-under-attack-time-t.html
BIND name server vulnerable to DoS attacks - News - The H Security:
News and features
http://www.h-online.com/security/BIND-name-server-vulnerable-to-DoS-attacks--/news/113872



Archive powered by MHonArc 2.6.16.

Top of Page