[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenID/Debian PRNG/DNS Cache poisoning advisory

To: "Clausen, Martin (DK - Copenhagen)" <mclausen@xxxxxxxxxxx>
Subject: Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
From: "Ben Laurie" <benl@xxxxxxxxxx>
Date: Tue, 12 Aug 2008 14:31:00 +0100

On Tue, Aug 12, 2008 at 9:55 AM, Clausen, Martin (DK - Copenhagen)
<mclausen@xxxxxxxxxxx> wrote:
> You could use the SSL Blacklist plugin
> (http://codefromthe70s.org/sslblacklist.asp) for Firefox or heise SSL
> Guardian
> (http://www.heise-online.co.uk/security/Heise-SSL-Guardian--/features/11
> 1039/) for IE to do this. If presented with a Debian key the show a
> warning.
>
> The blacklists are implemented using either a traditional blacklist
> (text file) or distributed using DNS.

Browser plugins do not assist RPs.

References:
- Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
  - From: Eric Rescorla
- RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
  - From: Clausen, Martin (DK - Copenhagen)

Prev by Date: RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
Next by Date: Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
Previous by thread: RE: OpenID/Debian PRNG/DNS Cache poisoning advisory
Next by thread: Re: OpenID/Debian PRNG/DNS Cache poisoning advisory
Index(es):
- Date
- Thread