[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

On Tue, 13 May 2008 21:29:53 +0200, Vincent Bernat wrote:

>  - It seems  that firefox does not handle  CRL unless manually imported,
>    correct? This  means that in  most cases already  issued certificates
>    are still  vulnerable even revoked. A  quick look seems  to show that
>    most software do not handle CRL at all.

Yes, x509 is fundamentally broken in the first place.

Sam Morris
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078

Reply to: