Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com
Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

 






Current Newswire:

Tech Comics: "Daydream of a Tech Salesman"

Simplify Administration with Directory Services

The Best Filesystem for an external hard disk of 1TB with cross platform support

SECURITY: Bouncing malware from Android Market

Alfresco Embraces SaaS and the Cloud with Its New CMS Platform

Android, Tizen and the End of Java

Hardening Postfix For ISPConfig 3

Is Facebook's IPO an exit strategy?

PCLinuxOS KDE 2012.02 Has Been Officially Released

GhostBSD 2.5 review



Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Justtechjobs.com Post A Job | Post A Resume
:SSL trick certificate published
SSL trick certificate published
Oct 1, 2009, 17 :02 UTC (0 Talkback[s]) (7451 reads)

"For his trick, Appelbaum modified the certificate according to the method demonstrated by Moxie Marlinspike at the Black Hat conference, entering a zero character (\0) in the name field (CN, Common Name).

"Unlike Marlinspike, however, Appelbaum didn't enter the zero between the domain name and the name of Marlinspike's thoughtcrime.org domain. Instead, he entered *\00thoughtcrime.noisebridge.net, effectively creating a wild card certificate for arbitrary domain names:

CN= *\00thoughtcrime.noisebridge.net
OU = Moxie Marlinspike Fan Club
O = Noisebridge
L = San Francisco
ST = California
C = US"

Complete Story

Related Stories:
Microsoft Adds Support for StartCom Certificates(Sep 25, 2009)
APACHE Web server and SSL Authentication(Sep 08, 2009)
Use FreeRADIUS for Wi-Fi Authentication (Part 2)(Sep 02, 2009)
SSL Flaw by (Browser) Design?(Jul 23, 2009)
Sign your Code(Jul 08, 2009)
Securing a Revolution(Jun 30, 2009)
Highlight Domain & Subdomain for SSL websites in Firefox(May 28, 2009)
Positive Indicators (Phishing Alerts in Firefox)(May 14, 2009)
Open Source SSL Acceleration(Apr 16, 2009)



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!

..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP