[110332] in North American Network Operators' Group
Re: Security team successfully cracks SSL using 200 PS3's and MD5
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sat Jan 3 01:31:15 2009
Date: Sat, 3 Jan 2009 01:31:08 -0500
From: "Christopher Morrow" <morrowc.lists@gmail.com>
To: "Dragos Ruiu" <dr@kyx.net>
In-Reply-To: <519E6B84-3794-41AE-9D92-D052744D520C@kyx.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, Jan 2, 2009 at 10:44 PM, Dragos Ruiu <dr@kyx.net> wrote:
>
> On 2-Jan-09, at 6:53 PM, Gadi Evron wrote:
>>
>> Yes, this is a serious matter, but it hardly has any operational impact to
>> speak of for users and none for NSPs.
>
> Dunno. Last I checked NSPs had web servers too. :-P
so, aside from 'get a re-issued cert signed SHA-1 from an approved CA
that's SHA-1 signed as well' what's the recourse for an NSP?
-chris
