SEARCH RESULTS
 
Showing 1-6 of 6 records
1
 
Expand article

More on Driver Certificate Revocation

2007-08-03 07:54:37 by Editor in Cheap Hack
 
...revocation works, see the comment section on the blog on the Atsiv revocation . Sounds like the current architecture only allows for boot-time checks, and they're just speculating that checks with VeriSign could be done more frequently: The VeriSign revocation list may impact a variety of operations. For example, verification checks that...
 
Tags: revocation, checks, atsiv revocation, verification checks, verisign revocation list, operations, user mode operations, verisign, boot-time checks
 
 
 
 
Expand article

Microsoft Hits Back at Atsiv

2007-08-02 22:17:32 by Editor in Cheap Hack
 
...revocation list. This confuses me; why would it be good enough for VeriSign's revocation list, but Microsoft is only looking into putting it in its own? I've asked Best of all: It has added signatures to Windows Defender to detect Atsiv, at least the current version of it. Source for Atsiv is supposedly available (although I didn't see a link...
 
Tags: atsiv, microsoft, detect atsiv, detect, revocation list, revocation, verisign cost, driver loadboot time, verisign
 
 
 
 
Expand article

Risk ROI for Some Provisioning Solutions

2008-04-19 02:22:29 by Erik T. Heidt in Art of Information Security
 
...revocation Provide transparent views of the status and history of each step in the Entitlement Lifecycle through the creation of durable and detailed records, which include all the information required to provide non-repudiation and event reconstruction for each step in an Entitlement Lifecycle Note: Fulfilling these objectives always...
 
Tags: information security, information, entitlement, entitlement lifecycle, solutions, systems, risk roi, information security podcast, identity
 
 
 
 
Expand article

Free Certificate Reissuance From VeriSign

2008-05-17 07:20:37 by Editor in Cheap Hack
 
...revocation and replacement of VeriSign, Thawte, GeoTrust, and RapidSSL SSL Certificates. This includes code signing certificates as well as SSL certificates
 
Tags: verisign, software error, software, rapidssl ssl, openssl implementation, recent severe bug, openssl, ssl, buggy versions
 
 
 
 
Expand article

An insecurity in OpenID, not many dead

2008-08-09 01:33:39 by Richard Clayton in Light Blue Touchpaper
 
...Revocation List (CRL) because otherwise it will still be trusted from now until it expires (a fair while off). Sadly, many web browsers, and most of the OpenID codebases havent bothered with CRLs (or they dont enable their checking by default so its as if it wasnt there for most users One has to conclude that Sun (and the other two providers)...
 
Tags: openid, openid codebases, certs, weak certs, weak, openid sites, sun, suns openid website, trusts sun
 
 
 
 
Expand article

How to Clone and Modify E-Passports

2008-09-30 12:24:51 by schneier in Schneier on Security
 
...Revocation lists for certificates only work when a leak/loss is detected. In most cases it will not be detected So what's the solution? We know that humans are good at Border Control. In the end they protected us well for the last 120 years. We also know that humans are good at pattern matching and image recognition. Humans also do an...
 
Tags: passports, passport, passport security falls, passport data set, set, electronic passports, country, key, undetectably fake passports
 
 
 
 
 
Showing 1-6 of 6 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia