Re: [Openvpn-devel] Security bug with crl-verify

2005-05-12 Thread Thomas NOEL
Hello, On 11.05.2005 23:25, James Yonan wrote: True, but I think you're somewhat stretching the connotation of "security bug" here. Yes. Sorry if the "security bug" subject hurt you. No matter how much OpenVPN tries to authenticate the CRL, an attacker with root privileges could easily in

Re: [Openvpn-devel] Security bug with crl-verify

2005-05-11 Thread James Yonan
On Wed, 11 May 2005, Thomas NOEL wrote: > Hello, > > On 11.05.2005 11:49, James Yonan wrote: > >>I think there is a security issue with the crl-verify code. OpenVPN only > >>checks the issuer of the CRL, but not the CRL signature. > >>If you sign a CRL with another CA (even self signed) which

Re: [Openvpn-devel] Security bug with crl-verify

2005-05-11 Thread Thomas NOEL
Hello, On 11.05.2005 11:49, James Yonan wrote: I think there is a security issue with the crl-verify code. OpenVPN only checks the issuer of the CRL, but not the CRL signature. If you sign a CRL with another CA (even self signed) which has the same DN as the certificate issuer, OpenVPN acc

Re: [Openvpn-devel] Security bug with crl-verify

2005-05-11 Thread James Yonan
> Hello, > > I think there is a security issue with the crl-verify code. OpenVPN only > checks the issuer of the CRL, but not the CRL signature. > > If you sign a CRL with another CA (even self signed) which has the same > DN as the certificate issuer, OpenVPN accepts it as a good CRL: the >

[Openvpn-devel] Security bug with crl-verify

2005-05-11 Thread Thomas NOEL
Hello, I think there is a security issue with the crl-verify code. OpenVPN only checks the issuer of the CRL, but not the CRL signature. If you sign a CRL with another CA (even self signed) which has the same DN as the certificate issuer, OpenVPN accepts it as a good CRL: the server or the