[SSL Observatory] SSL CA compromise in the wild
Matt McCutchen
matt at mattmccutchen.net
Wed Mar 23 10:31:35 PDT 2011
On Wed, 2011-03-23 at 10:29 -0700, Jacob Appelbaum wrote:
> On 03/23/2011 08:26 AM, Steve Schultze wrote:
> > Hey Jacob, in your post you say:
> >
> > "Mozilla offered some additional information and disclosed that addons.mozilla.org was one of the certificates acquired by the attacker. "
> >
> > Where did they disclose that? I don't see it in their blog post.
> >
> > Nice work btw.
>
> They disclosed this in a bug report:
> https://bugzilla.mozilla.org/show_bug.cgi?id=643056
Which is not open to the public.
--
Matt
More information about the Observatory
mailing list