Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[P1363:] mitm

An interesting case of a Man in the Middle attack due to a hole in the protocol.


http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=221600478
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

Because actual modern implementation of certificates is so flimsy, 
we need to be aware of documenting such things as protocols,
procedures, or business rules that allow such MITM attacks.

______________________________________________________________________
To unsubscribe, mail LISTSERV@xxxxxxxxxxxxxxxxx with
the body of the message containing: SIGNOFF STDS-P1363-DISCUSS
Send any concerns to STDS-P1363-DISCUSS-request@xxxxxxxxxxxxxxxxx,
or manage subscriptions at http://listserv.ieee.org/cgi-bin/wa
Visit IEEE P1363 on the web at: http://grouper.ieee.org/groups/1363
______________________________________________________________________