Become an SSLAdmin In a Few Easy Steps

Become an SSLAdmin In a Few Easy Steps 64

Posted by Soulskill on Sunday April 18, 2010 @09:15AM from the chain-of-trust dept.

Renderer of Evil writes "With news that it is rather simple to mimic authority with many webmail providers in order to coax an SSL certificate authority into creating one for the domain, a Canadian security expert has decided to take it upon himself to see who out there is actually vulnerable and provide information to the public on how prevalent this issue is as we speak. Out of eleven webmail services chosen at random and without prejudice, just under half of them permitted him to register with credentials (ssladmin) that allowed him to create an SSL certificate in their name. In most of these cases, there was a pre-existing, legitimately-acquired certificate." Update: 04/19 01:30 GMT by S : Kurt Seifried's original paper, on which the BetaNews article is based, provides more detailed information on the subject (PDF).

Become an SSLAdmin In a Few Easy Steps

Search 64 Comments Log In/Create an Account

Comments Filter:

1999 just called ... (Score:3, Funny)

by hweimer ( 709734 ) writes: on Sunday April 18, 2010 @09:58AM (#31886796) Homepage

... they want their exploits back.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Become an SSLAdmin In a Few Easy Steps 64

Become an SSLAdmin In a Few Easy Steps More Login

Become an SSLAdmin In a Few Easy Steps

1999 just called ... (Score:3, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot