[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] MSN Passport Cert improperly issued

To: Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] MSN Passport Cert improperly issued
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 18 Mar 2006 17:09:10 +1300

Babak Pasdar wrote:

> It seems that MSN's cert for private login to the passport site is
> issued for the wrong domain.  

So?

Given what that cert means even if it is "right" (i.e. diddly squat -- 
basically someone paid some money to a company that your browser 
recognizes as a CA), it tells you nothing really important, so why 
sweat it being "wrong"?

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] MSN Passport Cert improperly issued
  - From: Babak Pasdar

Prev by Date: Re: [Full-disclosure] Yahoo recommends you write down account information
Next by Date: Re: [Full-disclosure] Yahoo recommends you write down accountinformation
Previous by thread: Re: [Full-disclosure] MSN Passport Cert improperly issued
Next by thread: Re: [Full-disclosure] MSN Passport Cert improperly issued
Index(es):
- Date
- Thread