[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] New HTTP authorization attack

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] New HTTP authorization attack
From: Julie C <julie@xxxxxxx>
Date: Tue, 23 Aug 2011 10:15:00 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 23 Aug 2011 14:17:03 -0400
In-reply-to: <20110823152355.GK32384@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20110822190820.A12756F443@xxxxxxxxxxxxxxxxx> <4E52B2D1.2060706@xxxxxxxxxxxxxxxxxx> <20110823045637.GH32384@xxxxxxxxxx> <4E5364F9.5060201@xxxxxxxxxxxxxxxxxx> <20110823152355.GK32384@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Tue, Aug 23, 2011 at 8:23 AM, Mike Perry <mikeperry@xxxxxxxxxx> wrote:

<snip>

SSL certificates are not isolated. They might never be. The SSL stack
is a nightmare.

Mike, can you provide some specifics on how the SSL stack is a nightmare? I am working on development of an open source C-based libevent2-based stand-alone SSL MiTM proxy but have not yet hit any of the ugly stuff. Pointers to information would also be appreciated.

--ÂJulie C.

julie@xxxxxxx

GPG key FF4E2E70 available atÂhttp://keys.gnupg.netÂ

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] New HTTP authorization attack
  - From: grarpamp
- Re: [tor-talk] New HTTP authorization attack
  - From: Mike Perry

References:
- [tor-talk] New HTTP authorization attack
  - From: stringer
- Re: [tor-talk] New HTTP authorization attack
  - From: tor
- Re: [tor-talk] New HTTP authorization attack
  - From: Mike Perry
- Re: [tor-talk] New HTTP authorization attack
  - From: tor
- Re: [tor-talk] New HTTP authorization attack
  - From: Mike Perry

Prev by Author: Re: [tor-talk] Tor Usage Statistics for Iran
Next by Author: Re: [tor-talk] Any problem installing TBB & Vidalia bundle on same machine?
Previous by thread: Re: [tor-talk] New HTTP authorization attack
Next by thread: Re: [tor-talk] New HTTP authorization attack
Index(es):
- Author
- Thread