Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
On Tue, 13 May 2008 21:29:53 +0200, Vincent Bernat wrote:
> - It seems that firefox does not handle CRL unless manually imported,
> correct? This means that in most cases already issued certificates
> are still vulnerable even revoked. A quick look seems to show that
> most software do not handle CRL at all.
Yes, x509 is fundamentally broken in the first place.
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078