[13596] in cryptography@c2.net mail archive
Re: An attack on paypal
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu Jun 12 10:22:53 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 12 Jun 2003 16:35:11 +1200
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: crawdad@fnal.gov, sunder@sunder.net
Cc: cryptography@metzdowd.com, cypherpunks@lne.com
"Matt Crawford" <crawdad@fnal.gov> writes:
>True as written, but Netscrape ind Internet Exploder each have a hack for
>honoring the same cert for multiple server names. Opera seems to honor at
>least one of the two hacks, and a cert can incorporate both at once.
>
> /C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services
> /CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov
> /CN=bravo.fnal.gov/CN=charlie.fnal.gov
Just to clarify this, so you need a multivalued CN, with one containing the
expression "(a|b|c)" and the remaining containing each of "a", "b", and "c"?
Is it multiple AVAs in an RDN, or multiple RDNs? (Either of these could be
hard to generate with a lot of software, which can't handle multiple AVAs in
an RDN or multiple same-type RDNs). Which hack is for MSIE and which is for
Netscape?
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
