[SSL Observatory] Syrian fake certificate for Facebook
Chris Palmer
chris at eff.org
Thu May 5 22:24:11 PDT 2011
On May 5, 2011, at 10:20 PM, Peter Gutmann wrote:
> Thanks. OK, it's something weird, note the 512-bit key, and the
> basicConstraints is non-critical. OTOH they got the 64-bit serial number
> signedness right. Anyone have any ideas wot done it? It doesn't look like
> Windows, OpenSSL, or Entrust.
Another weirdness is
CA:TRUE
with no constraint or EKU for identifying web servers.
And
L=Alto Palo
(Obviously it's Palo Alto.)
It's so bad, I wonder if it's not bad on purpose.
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
https://www.eff.org/code
More information about the Observatory
mailing list