it seems to me the fake certificates that a tool like ettercap iussues. compare whith this (fake) verificate. cheers nicola del vacchio security consultant genova italy nicola@xxxxxxxxxxxxx Il mer, 2004-06-02 alle 18:45, Valdis.Kletnieks@xxxxxx ha scritto: > On Wed, 02 Jun 2004 07:39:31 +0930, Chris van der Pennen > <chris@xxxxxxxxxxxxx> said: > > I've been getting SSL certificates from various websites recently that are > > apparently from a "VerySign Class 1 Authority" - note the 'y' in VerySign. > > The certificate expired 6 December 2002. > > > The data in Issued To and Issued By are identical. > > > This smells very much like an SSL hijack attempt - can anyone shed some > > light on the situation? > > Or some webserver package that builds a self-signed certificate so SSL works > without having to pay Verisign, and does so in a "cute" manner that users are > likely to accept the cert without thinking about it. It's probably NOT a > hijack > attempt unless you have *OTHER* evidence of that (phishy-looking redirect > javascript on the page, etc....) > > Given how little *real* security a signed cert creates, it's probably not > worth > worrying about. >
Attachment:
fake-verisign-ca1.cer
Description: application/x509-ca-cert
Attachment:
signature.asc
Description: Questa parte del messaggio =?iso-8859-1?q?=E8?= firmata