[langsec-discuss] Breaking X.509 cert validation with frankencerts
munin at mimisbrunnr.net
Sun Apr 6 18:30:14 UTC 2014
The observation in this paper seems to be a key idea behind a new DARPA program, “Mining and Understanding Software Enclaves”
The proposers day program slides make for some interesting reading after this paper!
On Apr 6, 2014, at 2:14 PM, Will Sargent <will.sargent at gmail.com> wrote:
> It turns out that X.509 is sufficiently complex that you can fuzz certificates by stitching together seeds into a "frankencert" and use them to find holes in TLS implementations. They find 208 differences in between implementations, including some nasty ones in MatrixSSL and GnuTLS.
> langsec-discuss mailing list
> langsec-discuss at mail.langsec.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the langsec-discuss