Comments | turgid: This is big

turgid

This is big

Dec 30, 2008 10:52

http://www.win.tue.nl/hashclash/rogue-ca/

The key words:

As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers.So, yeah, SSL is pretty busted right now; it'll take a lot of work on the CA's part to fix this...

oh shit

Comments 5

llarian December 30 2008, 19:32:58 UTC

Yikes. That is huge...

3ricj December 30 2008, 19:45:23 UTC

nah, ssl has been broken for years.

3ricj December 30 2008, 19:45:10 UTC

this is very old news.

turgid December 30 2008, 19:47:34 UTC

Sure, that this is possible has been known for a while. But this is the first time someone's made a cookbook, followed the recipe, and showed everyone how tasty the pie is.

-Jon

llarian December 31 2008, 07:50:44 UTC

I like pie