Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Security

+ - PKI vulnerability leads to rougue CA certificate

Submitted by
mrowton
mrowton writes "A recent proff of concept presented at the 25th Annual Chaos Communication Congress (CCC) outlines a dramatic new vulnerability with PKI. From the paper, "As a result of this successful attack, we are currently in possession of a rogue Certification Authority certificate. This certificate will be accepted as valid and trusted by all common browsers, because it appears to be signed by one of the root CAs that browsers trust by default. In turn, any website certificate signed by our rogue CA will be trusted as well.""

Never keep up with the Joneses. Drag them down to your level. -- Quentin Crisp

Working...