[langsec-discuss] Breaking X.509 cert validation with frankencerts

Will Sargent will.sargent at gmail.com
Sun Apr 6 18:14:54 UTC 2014

It turns out that X.509 is sufficiently complex that you can fuzz
certificates by stitching together seeds into a "frankencert" and use them
to find holes in TLS implementations.  They find 208 differences in between
implementations, including some nasty ones in MatrixSSL and GnuTLS.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140406/e7629e32/attachment.html>

More information about the langsec-discuss mailing list