[7973] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Malign SSL server attacks

daemon@ATHENA.MIT.EDU (rsalz@CaveoSystems.com)
Wed Oct 18 13:27:58 2000

From: rsalz@CaveoSystems.com
Date: Tue, 17 Oct 2000 12:02:35 -0400
Message-Id: <200010171602.MAA13355@os390.caveosystems.com>
To: cryptography@c2.net

I am not familiar enough with the protocol to answer this question:
is it possible for an evil SSL server to send packets such that it
ends up with an arbitrary signature from a client?  I'm trying to
emphasize the importange of keyUsage bits. :)

Thanks.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7973] in cryptography@c2.net mail archive

Malign SSL server attacks

daemon@ATHENA.MIT.EDU (rsalz@CaveoSystems.com)Wed Oct 18 13:27:58 2000

daemon@ATHENA.MIT.EDU (rsalz@CaveoSystems.com)
Wed Oct 18 13:27:58 2000