[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] AIA cert fetching seen as harmful

To: tls@xxxxxxxx
Subject: Re: [TLS] AIA cert fetching seen as harmful
From: Mike <mike-list@xxxxxxxxx>
Date: Mon, 14 Apr 2008 07:58:59 -0700
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <48036F9A.1020900@xxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <E1JlOqU-000695-1U@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <48036F9A.1020900@xxxxxxxxx>
Sender: tls-bounces@xxxxxxxx
User-agent: Thunderbird 2.0.0.12 (Windows/20080213)

> today, all an attacker has to do is follow the protocol and specify a
> bogus URL in the client hello.

Sorry, I meant the CertificateURL message.

Mike
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] AIA cert fetching seen as harmful
  - From: Peter Gutmann
- Re: [TLS] AIA cert fetching seen as harmful
  - From: Mike

Prev by Date: Re: [TLS] AIA cert fetching seen as harmful
Next by Date: Re: [TLS] AIA cert fetching seen as harmful
Previous by thread: Re: [TLS] AIA cert fetching seen as harmful
Next by thread: Re: [TLS] AIA cert fetching seen as harmful
Index(es):
- Date
- Thread