|
Hello, I have read the advisory an I am a bit puzzled regarding the
there are CAs using exponent 3 in wide use
comment, I have tried to check and could not found any CA using this exponent, all
the CA’s I have seen are using 0x10001 (CA’s I have generate by OpenSSL using
default values, world wide trusted CA’s such as VeriSign and Thawte etc..), I
understand that specifying CA’s using exponent 3 will give specific targets to malicious
people and that is defiantly not a good idea, how ever I would like to try and better
understand the range of the problem, are only old CA’s using exponent 3 ? Could anyone elaborate some on this? Regards, Hagai, |
- Question reagrding OpenSSL recent security advisory Hagai Yaffe
- Re: Question reagrding OpenSSL recent security a... Dr. Stephen Henson
- Re: Question reagrding OpenSSL recent security a... Marek Marcola
- Re: Question reagrding OpenSSL recent securi... William A. Rowe, Jr.
- RE: Question reagrding OpenSSL recent se... Pasi Eronen
