Bugtraq mailing list archives
Firefox 3.6 for Windows includes a forged CA cert
From: Francis Litterio <flitterio () gmail com>
Date: Fri, 19 Mar 2010 20:22:16 +0000 (UTC)
In Firefox 3.6 for Windows, go to Tools -> Options -> Advanced -> Encryption -> View Certificates -> Authorities and scroll down to the entry for "Equifax Secure Inc." and you'll see a cert labeled "MD5 Collisions Inc (http://www.phreedom.org/md5)" grouped with the other Equifax certs. Yes, it's expired, so it poses no real threat, but why is the Mozilla Project shipping Firefox with that cert? It just causes FUD. -- Fran
Current thread:
- Firefox 3.6 for Windows includes a forged CA cert Francis Litterio (Mar 22)
- Re: Firefox 3.6 for Windows includes a forged CA cert dveditz (Mar 23)
- Re: Firefox 3.6 for Windows includes a forged CA cert Mike Duncan (Mar 23)
- Re: Firefox 3.6 for Windows includes a forged CA cert Marcus Meissner (Mar 23)
- <Possible follow-ups>
- Re: Firefox 3.6 for Windows includes a forged CA cert adam (Mar 23)