Dear observatory people,
I am writing here in order to brainstorm some useful ideas about attacks on ssl, hope this stays in topic. Roughly speaking, I have been assigned a bachelor thesis consisting in testing known attacks to RSA in ssl (bad seed, low exponent, common modulus, etc.); there are tons of papers about it, and eff with the observatory already did a great job (yay, thanks!). So, given that I must stick with the project definition of studying the security of ssl certificates, I was wondering whether there is anything I could do/experiment using the observatory. Something you just drafted, or didn't have the time to develop. I would be glad to contribute, for something like 10h/w, for ~3 months. I have already subscribed to Crypto-ops, thinking of it as an interesting option. But, I don't know if my availability suits your needs. All the best, -- m.
