[openstack-dev] [OSSG] OpenStack Security Group Task List
David Chadwick
d.w.chadwick at kent.ac.uk
Tue Oct 30 18:10:14 UTC 2012
On 25/10/2012 21:41, David Kranz wrote:
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> Is the first bullet related to this
> http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf?
>
> The Most Dangerous Code in the World:
> Validating SSL Certificates in Non-Browser Software
>
> -David
And the second most dangerous is relying on Browser Software, see
Ahmad Samer Wazan, Romain Laborde, David W Chadwick, François Barrere,
AbdelMalek Benzekri. “Which web browsers process SSL certificates in a
standardized way?” 24th IFIP International Security Conference, Cyprus,
May 18-20th, 2009
the answer is, none of them :-)
David
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
More information about the OpenStack-dev
mailing list