[SSL Observatory] https://controller.mobile.lan
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Feb 6 12:09:09 PST 2012
On 02/06/2012 02:42 PM, Jacob Appelbaum wrote:
> I'm at a hotel in Munich and I found a rather funny cert performing a
> full MITM for *:443 - https://controller.mobile.lan is signed by VeriSign.
>
> CN = VeriSign Class 3 Secure Server CA - G2
interesting. I can confirm that this verifies through the attached
intermediate certificate to the root shipped by Mozilla as:
Verisign Class 3 Public Primary Certification Authority - G2
> X509v3 CRL Distribution Points:
> URI:http://SVRSecure-G2-crl.verisign.com/SVRSecureG2.crl
This CRL does not list the certificate's serial number.
So, is .lan a known TLD, or was Verisign issuing certificates for
non-FQDNs as recently as august 2010.
Anyone from Verisign want to comment on this?
--dkg
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: VeriSignClass3SecureServerCA-G2.pem
URL: <http://lists.eff.org/pipermail/observatory/attachments/20120206/3f3cb1d8/attachment.ksh>
More information about the Observatory
mailing list