Chris Hills wrote, On 2008-12-30 08:49: > On 30/12/08 17:47, Nelson B Bolyard wrote: >> I meant to add: The paper with the real facts is seen at >> http://www.win.tue.nl/hashclash/rogue-ca/ > > In the meantime, could a list of the affected CA's be made available so > that we may remove the trust bits from our own certificate stores?
It's in section 5.1 of that paper _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto