[This thread is to continue the discussion from bug 554442; this message
recaps the substance of the existing discussion.]
It would be great if a Mozilla-recognized CA would be willing to give
me, as the registrant of mattmccutchen.net, an intermediate CA
certificate with a critical name constrain
On 2010-04-03 04:29 PST, Eddy Nigg wrote:
> On 04/03/2010 01:07 PM, Nelson B Bolyard:
>> This is true because the attacker can arrange it so that the victim
>> client's first handshake is actually a renegotiation for the server.
>> It's NOT a renegotiation for the client, but it IS for the server
On Wed, 2010-03-31 at 18:48 +0300, Eddy Nigg wrote:
> On 03/31/2010 04:45 PM, Kai Engert:
> > == snip quote begin ==
> > E.g., the attacker would send:
> >
> > GET /pizza?toppings=pepperoni;address=attackersaddress HTTP/1.1
> > X-Ignore-This:
> >
> > And the server uses the victim's account
On 4/3/2010 6:45 AM, Jean-Marc Desperrier wrote:
On 02/04/2010 18:25, johnjbarton wrote:
The appropriate way to address this security problem starts by
contacting the major providers of server software
There's no need to contact them, they are well aware of the problem.
AFAIK they have all alr
On 02/04/2010 18:25, johnjbarton wrote:
The appropriate way to address this security problem starts by
contacting the major providers of server software
There's no need to contact them, they are well aware of the problem.
AFAIK they have all already issued the necessary updates.
It's the sites
On 04/03/2010 01:07 PM, Nelson B Bolyard:
This is true because the attacker can arrange it so that the victim client's
first handshake is actually a renegotiation for the server.
It's NOT a renegotiation for the client, but it IS for the server.
The server has previously negotiated with the attac
On 2010-04-02 11:07 PST, G. Richard Bellamy wrote:
> I have some questions about signtool. Once again, these are probably
> n00b questions, so I apologize if they’ve been covered elsewhere… any
> guidance on relevant links would be much appreciated (e.g. a link to a
> clearinghouse for doco on NSS
On 2010-04-02 14:06 PST, Eddy Nigg wrote:
> Hi Bob,
>
> On 04/02/2010 01:34 AM, Robert Relyea:
>>> When a client (as in our case Firefox) implements RFC 5746, the
>>> client can't be compromised and no data is leaked from the client. I
>>> propose that Firefox should support the RFC 5746 extensi