Matasano Chargen: RSA Signature Forgery Explained (with Nate Lawson) - Part IV

  • Matt · 3 years ago
    However, we have started eliminating the few e=3 root certificates. That was a good idea.


    Are the commercial CAs which deployed e=3 root certs (Entrust, <strike>Digital Signature Trust Co.</strike> IdenTrust, others?) known to be doing anything about this snafu?
  • William · 3 years ago
    Great summary Thomas, thanks for taking the time to fill in the blanks.
  • Emmanuel Leroux Sanders · 3 years ago
    nice. :-)

    I am by no means a security specialist, but I love your blog and find it VERY interesting. Keep up the excellent work.

    -Emmanuel
  • Nate · 3 years ago
    Matt:

    I'm unaware of any changes in the root certs. We won't know for another 3-6 months, my guess. It takes a while for them to make a CRL, get it into IE and Firefox, etc.

    The tone we used was more one of wishful thinking than future certainty. :)