[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities

To: dvs@xxxxxxxxxxxx
Subject: Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
From: Andrew Auernheimer <gluttony@xxxxxxxxx>
Date: Wed, 8 Sep 2010 13:53:28 -0500

> This is no different then installing a client cert

Yes, exactly. This is as equally secure as installing a client cert.
Except it is achieved without a client cert, using only a password, in
a manner that can be more easily scaled to lots of users.

>
>
> Trying to not sound like a dick,
> dvs.
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
  - From: Christian Sciberras
- Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
  - From: Tim

Prev by Date: Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
Next by Date: Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
Previous by thread: Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
Next by thread: Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities
Index(es):
- Date
- Thread