Re: Certificate Vulnerability

2008-05-16 Thread Frank Hecker
David E. Ross wrote: > See . Discussion of > this at the Risks Forum 25.15 indicates that "All SSL and SSH keys > generated on Debian-based systems (Ubuntu, Kubuntu, etc) between > September 2006 and May 13th, 2008 may be affected." See "Debian

Re: Debug build

2008-05-16 Thread Nelson B Bolyard
Kai Engert wrote, On 2008-05-16 03:26: > Binary value of the serial/issuer encoded as base 64. Except that for the serial number, it only includes the "Contents" octets of the DER encoding. The Identifier and Length octets are stripped off. > I have updated the page in the hope to clarify thing

Re: Debug build

2008-05-16 Thread Eddy Nigg (StartCom Ltd.)
Kyle Hamilton: (While I understand the need for a common language between the systems in the world, the fact that most of the Internet doesn't use ASN.1 means that security researchers are operating in something of a void, a vacuum, that other Internet-protocol implementors and researchers can't

Re: Debug build

2008-05-16 Thread Kyle Hamilton
For more information, please see http://www.oss.com/asn1/dubuisson.html -- Olivier Dubuisson's book on ASN.1 and how its encoding rules work. (While I understand the need for a common language between the systems in the world, the fact that most of the Internet doesn't use ASN.1 means that securit

Re: Debug build

2008-05-16 Thread Eddy Nigg (StartCom Ltd.)
Julien R Pierre - Sun Microsystems: Eddy, Eddy Nigg (StartCom Ltd.) wrote: The page says: "One noteworthy detail are the issuer and serial number fields, those most be provided in their encoded form (*as stored in the certificate*) and transformed to base64." What does that mean? Is it HEX

Re: Debug build

2008-05-16 Thread Julien R Pierre - Sun Microsystems
Eddy, Eddy Nigg (StartCom Ltd.) wrote: > > The page says: "One noteworthy detail are the issuer and serial number > fields, those most be provided in their encoded form (*as stored in the > certificate*) and transformed to base64." > > What does that mean? Is it HEX like 0x0 or 0 or the binary

Re: Debug build

2008-05-16 Thread Kai Engert
Eddy Nigg (StartCom Ltd.) wrote: > For the sport I'm following http://wiki.mozilla.org/PSM:EV_Testing and > I'm not sure about the fourth parameter of the test_ev_roots.txt > file: 4_serial > > The page says: "One noteworthy detail are the issuer and serial number > fields, those most be p