Tag Archives: rogue certification authority

Insider Rogue Certification Authority Attack

January 18, 2012 · by twrightson · in General · 1 Comment

Overview The fundamental issue with SSL is that of trust. Despite all the effort that has gone into a robust and cryptographically secure design for SSL, its foundation is still easily abused. In this paper I will explain an often-overlooked area of SSL exploitation. That is the ability for any certificate to act as a […]

RT @Erdal_Ozkaya: I would like to thank all the experts who has contributed in my latest book ,"Incident Response in the Age of the Cloud"… 2 years ago
@sum_b0dy @2600 Holy cow, I remember that exact issue! I think I still have it in a box somewhere. Good memories! 2 years ago
Do I have any friends that have experience writing a Windows Credential Provider? I know a cool authentication star… twitter.com/i/web/status/1… 2 years ago

Follow @tbwrightson

Tyler Wrightson's Security Blog

Tag Archives: rogue certification authority

Insider Rogue Certification Authority Attack

Feedback Always Welcome

Archives

Categories

Twitter Feed

Follow Blog via Email