| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1b587cab0808120631m501acb92t16666a4dc7492956@mail.gmail.com> Date: Tue, 12 Aug 2008 14:31:00 +0100 From: "Ben Laurie" <benl@...gle.com> To: "Clausen, Martin (DK - Copenhagen)" <mclausen@...oitte.dk> Cc: "Eric Rescorla" <ekr@...workresonance.com>, bugtraq@...urityfocus.com, security@...nid.net, "OpenID List" <general@...nid.net>, cryptography@...zdowd.com, full-disclosure@...ts.grok.org.uk Subject: Re: OpenID/Debian PRNG/DNS Cache poisoning advisory On Tue, Aug 12, 2008 at 9:55 AM, Clausen, Martin (DK - Copenhagen) <mclausen@...oitte.dk> wrote: > You could use the SSL Blacklist plugin > (http://codefromthe70s.org/sslblacklist.asp) for Firefox or heise SSL > Guardian > (http://www.heise-online.co.uk/security/Heise-SSL-Guardian--/features/11 > 1039/) for IE to do this. If presented with a Debian key the show a > warning. > > The blacklists are implemented using either a traditional blacklist > (text file) or distributed using DNS. Browser plugins do not assist RPs.
Powered by blists - more mailing lists