Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Blocking access to MD5 signed certs InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Blocking access to MD5 signed certs

Published: 2009-01-02
Last Updated: 2009-01-02 22:07:13 UTC
by Mark Hofman (Version: 1)
1 comment(s)

A few people have written in regarding the Firefox plugin SSL Blacklist

The tool has been around for a while, but they have added the ability to detect MD5 signed certificates and block access.  It might be a nice addition to the arsenal.  Whilst the address bars in FF and IE do seem to turn green when the site has a SHA signed cert (at least it did for the sites I tested), this might be a bit more obvious. You only get the padlock when the site is MD5 signed.

Mark H

Keywords: MD5 Certificate
1 comment(s)
Diary Archives