Archive for December, 2008

Rogue Root CAs because of MD5 collisions

December 30, 2008

Quoting from “As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS...

Read More