, 2009-01-05
A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.
Expand all |
Post comment
MD5 Hack Interesting, But Not Threatening
2009-01-06
Charlie Miller (1 replies)
Charlie Miller (1 replies)
Re: MD5 Hack Interesting, But Not Threatening
2009-01-06
Robert Lemos (5 replies)
Robert Lemos (5 replies)
Verisign were notified about this work prior to the presentation
2009-01-06
Alexander Sotirov (1 replies)
Alexander Sotirov (1 replies)
MD5 Hack Interesting, But Not Threatening
2009-01-08
Charles Hunter (1 replies)
Charles Hunter (1 replies)
Re: MD5 Hack Interesting, But Not Threatening
2009-01-09
Robert Lemos (2 replies)
Robert Lemos (2 replies)
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/488/35300#35300