[26917] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: **maillist:: Outlook S/MIME Vulnerability

daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Torbj=F6rn_Hovmark?)
Wed Sep 4 14:58:56 2002

Message-ID: <000901c2541d$e1196d80$fe87a8c0@fujitsu>
From: =?iso-8859-1?Q?Torbj=F6rn_Hovmark?= <torbjorn.hovmark@abtrusion.com>
To: "Thomas Seliger" <SQEHXLLBQUJX@spammotel.com>, <bugtraq@securityfocus.com>
Date: Wed, 4 Sep 2002 16:18:01 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit

Thomas,

> Since the failure of checking certificate chain correctly seems to be
> buried deeper in windows (maybe in some DLL? some info from
> microsoft would be greatly appreciated [...]

The CryptoAPI function CertVerifyCertificateChainPolicy() could be an
interesting starting point. However, I get the feeling it is more a matter
of similar errors being made by different people in different development
teams.


Best regards,

Torbjörn Hovmark

______________________________________
Abtrusion Security AB
http://www.abtrusion.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26917] in bugtraq

Re: **maillist:: Outlook S/MIME Vulnerability

daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Torbj=F6rn_Hovmark?)Wed Sep 4 14:58:56 2002

daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Torbj=F6rn_Hovmark?)
Wed Sep 4 14:58:56 2002