lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 09 Aug 2008 05:49:42 +1200 From: pgut001@...auckland.ac.nz (Peter Gutmann) To: dave.korn@...imi.com, ekr@...workresonance.com Cc: benl@...gle.com, bugtraq@...urityfocus.com, cryptography@...zdowd.com, full-disclosure@...ts.grok.org.uk, general@...nid.net, security@...nid.net Subject: Re: OpenID/Debian PRNG/DNS Cache poisoning advisory Eric Rescorla <ekr@...workresonance.com> writes: >It's easy to compute all the public keys that will be generated >by the broken PRNG. The clients could embed that list and refuse >to accept any certificate containing one of them. So, this >is distinct from CRLs in that it doesn't require knowing >which servers have which cert... You'd also end up with a rather large list for the client to carry around, which would be especially problematic for lightweight clients. You'd need to represent it as something like a Bloom filter to avoid this (given that most users will just click OK on invalid certs, the small false positive rate shouldn't have much effect either :-). Peter.
Powered by blists - more mailing lists