From: "Memisyazici, Aras" <arasm@vt.edu.>
Subject: A tool to identify the MD5 certs on FF
thread-topic: A tool to identify the MD5 certs on FF
thread-index: AclsZ0++NQxGzY/5TfSd5LU2VDEiFw==
Date: Thu, 1 Jan 2009 18:19:01 -0500
Importance: normal
X-Priority: 3
To: <full-disclosure@lists.grok.org.uk.>, <bugtraq@securityfocus.com.>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset="iso-8859-1"
X-OriginalArrivalTime: 01 Jan 2009 23:18:54.0083 (UTC) FILETIME=[5043ED30:01C96C67]
X-Virus-Scanned: antivirus-gw at tyumen.ru
Exec. Summary :=20
<snip from=3D http://www.codefromthe70s.org/sslblacklist.aspx>
Update 12/31/2008
SSL Blacklist now detects and warns about certificate chains that use the M=
D5 algorithm for RSA signatures.
</snip>
Great little FF-addon that helps you identify whether the SSL-site you are =
on is using a bad cert from the Debian/OpenSSL goof a while back, or now wh=
ether it is MD5 based.
Enjoy,
Aras Memisyazici
Systems Administrator
Virginia Tech
P.S. Thx Martian for writing such a plugin :D
=