Re: [Full-disclosure] Creating a rogue CA certificate

From: n3td3v <xploitable@xxxxxxxxx>
Date: Tue, 30 Dec 2008 20:10:16 +0000

Aiding script kids to get credit card numbers out of folks e-commerce
purchases. I'm sure the U.S secret service have a special interest in
this vulnerability, as so much of their time nowadays is taken up
following up on internet carders and shutting them down.

On Tue, Dec 30, 2008 at 5:03 PM, Elazar Broad <elazar@xxxxxxxxxxxx> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SSL/PKI is only as strong as the weakest CA...

For those of you who haven't been following this, here you go:

http://www.win.tue.nl/hashclash/rogue-ca/
http://www.phreedom.org/research/rogue-ca/md5-collisions-1.0.ppt

Enjoy and Happy New Years!

elazar
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQECAAYFAklaVFQACgkQi04xwClgpZh4TQP+ODe2/jTHhOrLbKtoSJhZInX+lJXt
LMkU/xlYK1Au/f1E5KhXt43uMWYSeC/M0njQRPLyrDfihFlLsmAxGK/97kRQfxEttbcN
R0q1BL+WmbiGNglujzSWHqMSkn20r12itVfGP77nEbGYbjidV1BXxFNR2QQwLHZhGLWe
gVO/5Zg=
=+Pm+
-----END PGP SIGNATURE-----

--
Click for free info on getting an MBA, $200K/ year potential.
http://tagline.hushmail.com/fc/PnY6qxsZwUN6299xt0fJO8HvJUKovV4hcZ7MH3I6KbhlC0IDsYiG8/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Creating a rogue CA certificate
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] Creating a rogue CA certificate
  - From: Ureleet
- Re: [Full-disclosure] Creating a rogue CA certificate
  - From: j-f sentier
- Re: [Full-disclosure] Creating a rogue CA certificate
  - From: Nelson Murilo

References:
- [Full-disclosure] Creating a rogue CA certificate
  - From: Elazar Broad

Prev by Date: Re: [Full-disclosure] Creating a rogue CA certificate
Next by Date: Re: [Full-disclosure] Creating a rogue CA certificate
Previous by thread: Re: [Full-disclosure] Creating a rogue CA certificate
Next by thread: Re: [Full-disclosure] Creating a rogue CA certificate
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] AntiAntiSec / Endgame
... protect little snots like yourselves. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday
... and restraint by not responding to your personal jabs, ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Barack Obama <-- Not Appropriate
... That basically proves you are here to do propaganda - either voluntarily ... Mossad and being paid to post on full-disclosure. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] e-Holocaust
... The .com domains were actually Israeli, ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] The war in Palestine
... But people like Schneider ask for this hate. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)