On 04/04/2010 09:34 AM, Nelson B Bolyard:
It's not so trivial.
It's trivial from the logical point of view.
I did wonder about this once or twice over 13 years, but didn't see any way to exploit it and so I thought it was safe. Someone finally found a way. Thank goodness Marsh Ray wears a white hat!
Unfortunately we don't know how many times this has been used successfully. Thanks for the explanations, it broadened my understanding about its potential misuse.
-- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP: start...@startcom.org Blog: http://blog.startcom.org/ Twitter: http://twitter.com/eddy_nigg -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto