TLS Man-In-The-Middle Vulnerability
Marcus Griep
tormaster at xpdm.us
Thu Nov 5 19:10:00 UTC 2009
Don't know if any one else has seen or taken a look at this. I don't know if
this affects Tor, though I believe that we do use certificate renegotiation
in the protocol, and that is the entry vector for this particular
vulnerability:
"TLS Man-in-the-middle on renegotiation vulnerability made public"
http://isc.sans.org/diary.html?storyid=7534
--
Marcus Griep
——
Ακακια את.ψο´, 3°
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20091105/178b0bb9/attachment.htm>
More information about the tor-talk
mailing list