Bugtraq mailing list archives
Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2
From: Graeme Fowler <G.E.Fowler () lboro ac uk>
Date: Mon, 19 Nov 2007 23:17:50 +0000
Hi On Tue, 2007-11-20 at 00:51 +0200, Kapetanakis Giannis wrote:
ps. I've just discovered this: http://www.g-loaded.eu/2007/08/10/ssl-enabled-name-based-apache-virtual-hosts-with-mod_gnutls/ rfc3546 defines Server Name Indication (SNI) extention which is used by mod_gnutls for tls name based virtual hosting. Looks interesting :)
Also in OpenSSL. Use a recent snapshot and enable "--enable-tlsext" at configure time. It'll be in the next 0.9.8 update, if I read the mailing lists correctly. Graeme
Current thread:
- Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Nov 19)
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Nov 19)
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Graeme Fowler (Nov 19)
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Michal Zalewski (Nov 19)
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Nils Toedtmann (Nov 20)
- Message not available
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Nov 20)
- Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 Kapetanakis Giannis (Nov 19)