[thelist] Certificate Theft ramifications
Sean@yahoo
seanmgerman at yahoo.com
Tue Mar 5 17:57:01 CST 2002
Joshua,
A stolen cert would not be of much use. Most of the information held by the
certificate is easily accessable if its from a public web site. (Go to the
site, view cert. details.)
If you had the request and cert files, I suppose you could potentially crack
the files for the password used in creation of the request. The technical
contact information might be useful if you're trying to steal employees.
Otherwise, if a stolen cert. was installed, you'd get a warning the address
doesn't match the common name in the cert.
Did I miss anything?
Sean G.
-----Original Message-----
From: thelist-admin at lists.evolt.org
[mailto:thelist-admin at lists.evolt.org]On Behalf Of Joshua Olson
Sent: Tuesday, March 05, 2002 4:55 PM
To: thelist at lists.evolt.org
Subject: [thelist] Certificate Theft ramifications
If someone was able to steal an ecommerce website's certificate request
(certreq,txt) and certificate (cert.txt), what sort of things could
potentially be exploited.
Thanks in advance,
-joshua
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
More information about the thelist
mailing list