Konstantin Antselovich

[also see LWN's write-up https://lwn.net/Articles/435214/ .] Curios message [allegedly] from a person who hacked into Comodo CA. Makes you wonder ... Basically the whole SSL trust is just a piece of crap and cannot be trusted at all -- major CA have thousands of reseller accounts protected only by username/password combination and *ANY* such account could be used to sign *ANY* certificate, i.e. amazom.com, yourbank.com, etc.

This entry was posted on Monday, April 4th, 2011 at 3:53 pm and is filed under browser, hacking, infosec, internet, Security, ssl. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.