| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft Security Bulletin (MS01-017) - Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard - Updated | |
|
||
| Time: 00:00 EST/05:00 GMT | News Source: ActiveWin.com | Posted By: Robert Stein | ||
|
Thanks to a Kobold. In mid-March 2001, VeriSign, Inc., informed Microsoft that it had issued two code-signing digital certificates to an individual who fraudulently represented himself as a Microsoft employee. Microsoft has released an update that will prevent code signed using these certificates from being trusted. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
12:02:53 PM
ET.
Any comment problems? E-mail us |
| #1 By 20 (Unknown) at 3/29/2001 8:47:00 AM |
| This is why Certificate Revocation Lists (CRL) MUST become an ubiquitos standard so that when the certificate authorities are retarded like this, they can fix the problem. |
| #2 By 2 (Unknown) at 3/29/2001 1:39:00 PM |
| What exactly are those? |
| #3 By 20 (Unknown) at 3/29/2001 11:19:00 PM |
|
When the original certificate designers created the whole certificate issuing scheme, they forgot one major part: how to revoke a granted certificate in the case of mis-issued, stolen or otherwised compromised certificates. The CRL spec has been around for awhile now, but it's slow to adoption. Only recently has MS, a leader in cryptography standards like this, adopted this notion. Very few other vendors support CRLs fully. They usually only support it partially. It is a difficult standard to support, though. Certificates are designed to be trusted and verified without having to go out to the internet to verify their authenticity. With CRLs, it requires much more internet interactivity as one must update their CRLs on a fairly regular basis for them to be useful at all. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
12:02:53 PM
ET.
Any comment problems? E-mail us |
