2 Jan
2009
2 Jan
'09
9:53 p.m.
On Fri, 2 Jan 2009, Dragos Ruiu wrote:
www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation; sid:1000001;)
You can't really use any snort rule to detect SHA-1 certs created by a fake authority created using the MD5 issue. Yes, this is a serious matter, but it hardly has any operational impact to speak of for users and none for NSPs. Gadi.