Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Do The SSL Watchmen Watch Themselves?

Submitted by StrongestLink
StrongestLink (666) writes "In an intriguing twist on the recent Comodo CA vulnerability reported here last week, security researcher Mike Zusman today disclosed that three days prior to StartCom's disclosure of a flaw in a Comodo reseller's registration process, he discovered and disclosed an authentication bypass flaw to StartCom in their own registration process that allowed an attacker to submit an authorized request for any domain. During a month which was marked by the continuing paradigm shift to SSL-verified holiday shopping, the Chain of Trust continues to run off the gears, and Bruce Schneier is even commenting publicly that SSL's site validation mission isn't even relevant. What lies ahead for the billion-dollar CA industry?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Do The SSL Watchmen Watch Themselves?

Comments Filter:

An inclined plane is a slope up. -- Willard Espy, "An Almanac of Words at Play"

Working...