[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Five Ways to Screw Up SSL

To: "Ginsu Rabbit" <ginsurabbit@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] Five Ways to Screw Up SSL
From: "Dude VanWinkle" <dudevanwinkle@xxxxxxxxx>
Date: Sun, 21 May 2006 20:04:49 -0400

On 5/21/06, Ginsu Rabbit <ginsurabbit@xxxxxxxxxxx> wrote:
Stuff



The only thing that matters about SSL is the fact that it encrypts the
data. You can reduce your checklist to:
-----------------------------------------------------
1: Make sure you use a good cipher |
-----------------------------------------------------

Why would it matter who signed it? As long as the data is encrypted as
it travels over the internet, I am happy.

Self signed is just as encrypted as Verisigned.

-JP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re[2]: [Full-disclosure] Five Ways to Screw Up SSL
  - From: Thierry Zoller
- Re: [Full-disclosure] Five Ways to Screw Up SSL
  - From: Michael Holstein

References:
- Re: [Full-disclosure] Five Ways to Screw Up SSL
  - From: Michal Zalewski
- Re: [Full-disclosure] Five Ways to Screw Up SSL
  - From: Ginsu Rabbit

Prev by Date: Re: [Full-disclosure] Responsibility
Next by Date: [Full-disclosure] I'm ready to tell the police
Previous by thread: Re: [Full-disclosure] Five Ways to Screw Up SSL
Next by thread: Re[2]: [Full-disclosure] Five Ways to Screw Up SSL
Index(es):
- Date
- Thread