MD5 considered harmful today: Creating a rogue CA certificate

At the Chaos Communication Congress in Berlin, right around NOW, a presentation is being delivered,“MD5 considered harmful today: Creating a rogue CA certificate

More details, slides,  and other goodness  here at phreedom.org

a Live video stream will be available, check in at http://events.ccc.de/congress/2008/wiki/Streaming

The talk will be delivered by Alexander Sotirov, Marc Stevens and Jacob Appelbaum.

Update: Rich Mogull has a very solid overview and briefing here.  (and for the record, any references to Chuck Norris are aces in my book).  His article – What Regular Users Need To Know about the SSL/Root Certificate Authority Exploit

Advertisements

One Response to “MD5 considered harmful today: Creating a rogue CA certificate”

  1. Aa'ed Alqarta Says:

    Imagine malware authors and phishers start combining rogue ca certificates and infect users’s systems and redirect them to a “fake bank website with valid certificate” … boom !

    read more …

    http://extremesecurity.blogspot.com/2008/12/kaminskys-dns-bug-rogue-ca-certificates.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: