Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:08 ADT
Tim Hudson (tjh@cryptsoft.com)
Sat, 27 Jun 1998 08:57:01 +1000 (EST)
According to Vin McLellan:
> Fyi. I think this is a better synopsis and report on the reactions from
> the multiple SSL vendors than the relevant CERT Advisory: CERT* Advisory
> CA-98.07, issued June 26, 1998, "Vulnerability in Some Usages of PKCS#1."
> The CERT advisory was mailed out by CERT, but doesn't seem to be yet
> available on the CERT website.
It is on their web site now at:
http://www.cert.org/advisories/CA-98.07.PKCS.html
We also have a pile of references to information about this from various
PR statements and also *patches* to all major SSLeay releases at:
http://www.ssleay.org/announce/pkcs1.html
The RSA Bulletin (follow the links ...) contains detailed technical
information about the nature of the problem.
C2Net, Microsoft, and Netscape all have patched versions of their
products available now.
Tim.
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:08 ADT