[SSL Observatory] Using observatory data to check CAcert
Ralph Holz
ralph at ralphholz.de
Mon Aug 1 03:03:28 PDT 2011
Hi,
>>> I have not checked the CAcert database for the Debian SSL
>>> vulnerability, as that would've been non-trivial. There were scripts
>>> shipped with the SSL Observatory data, but I found them not easy to
>>> use, so I skipped that part.
>>
>> I would expect EFF to have done that as they did report on the number
>> of PRNG-flawed certificates in either their Defcon or 27C3 talk.
>
> I trust that cacert has revoked all debian ssl-vulnerable certificates,
> but feel free to check yourself.
Err, I understood you wanted to check for vulnerable certs in the EFF
data. Is that not correct? You did not mention revocation (which
requires a bit more effort, but not much).
Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.eff.org/pipermail/observatory/attachments/20110801/54880195/attachment.sig>
More information about the Observatory
mailing list