Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Another CA Compromise: TurkTrust

Amin Sabeti aminsabeti at gmail.com
Fri Jan 4 03:02:55 PST 2013


I've checked some of the Iranian banks' SSL and found at least two of them
have changed the CA from TurkTrust to WoSign, Inc. in the US.

A

On 4 January 2013 10:09, Ralph Holz <holz at net.in.tum.de> wrote:

> On 01/04/2013 02:45 AM, Amin Sabeti wrote:
> > One point: Most of the Iranian banks have bought SSL certification from
> > TurkTrust.
>
> Indeed. And one of the solutions that Mozilla is considering is to limit
> Turktrust do .tr and .ir, by using the name extension in X.509.
>
> Ralph
>
> --
> Ralph Holz
> Network Architectures and Services
> Technische Universität München
> Phone +49 89 28918043
> http://www.net.in.tum.de/de/mitarbeiter/holz/
> PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF
>
>
> --
> Unsubscribe, change to digest, or change password at:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130104/7cf0d6b5/attachment.html>


More information about the liberationtech mailing list