[LINK] ssl security (lack of) paper
Tom Koltai
tomk at unwired.com.au
Sun Apr 18 20:36:02 AEST 2010
> -----Original Message-----
> From: link-bounces at mailman1.anu.edu.au
> [mailto:link-bounces at mailman1.anu.edu.au] On Behalf Of Roger Clarke
> Sent: Saturday, 17 April 2010 7:10 PM
> To: link at anu.edu.au
> Subject: [LINK] ssl security (lack of) paper
>
>
> [A colleague brought this to my attention. I'd not appreciated the
> *extent* to which SSL/TLS is capable of being compromised.]
>
> Certified Lies: Detecting and Defeating Government Interception
> Attacks Against SSL
> By Christopher Soghoian and Sid Stamm http://cryptome.org/ssl-mitm.pdf
>
> [The authors appear to be Ph.D. candidates at Indiana University. If
> they're right, then they need to run a fine line to avoid problems!]
>
>
Hmmm, Can't see the point of writing about it.
I thought everyone understood that Site Certificates had monitoring and
compliance with the interception act, capabilities.
... And it's too late. They published.
Tom
More information about the Link
mailing list