[110329] in North American Network Operators' Group
Re: Security team successfully cracks SSL using 200 PS3's and MD5
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Jan 2 21:53:28 2009
Date: Fri, 2 Jan 2009 20:53:06 -0600 (CST)
From: Gadi Evron <ge@linuxbox.org>
To: Dragos Ruiu <dr@kyx.net>
In-Reply-To: <85140EB3-6CED-43ED-8340-493338E7BCCE@kyx.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, 2 Jan 2009, Dragos Ruiu wrote:
> www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation;
> sid:1000001;)
You can't really use any snort rule to detect SHA-1 certs created by a
fake authority created using the MD5 issue.

Yes, this is a serious matter, but it hardly has any operational impact to
speak of for users and none for NSPs.

Gadi.