I started a new hobby: pointing out vulnerabilities for a particular man-in-the-middle attack. It is described in CVE-2009-3555: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla […]
Tag: security
I’ve had some ideas for things and things to do at some point in the future, but I can’t do all of them at the same time and most ideas need more thought (and research). I’ll list them here, not ordered by priority in any case, hopefully to inspire more ideas and spark discussion.