Re: **maillist:: Outlook S/MIME Vulnerability

From: Torbjörn Hovmark (torbjorn.hovmark@abtrusion.com)
Date: Wed Sep 04 2002 - 16:18:01 CEST

Previous message: Marc Ruef: "Bypassing the Finjan SurfinGate URL filter"
In reply to: Thomas Seliger: "Re: **maillist:: Outlook S/MIME Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thomas,

> Since the failure of checking certificate chain correctly seems to be
> buried deeper in windows (maybe in some DLL? some info from
> microsoft would be greatly appreciated [...]

The CryptoAPI function CertVerifyCertificateChainPolicy() could be an
interesting starting point. However, I get the feeling it is more a matter
of similar errors being made by different people in different development
teams.

Best regards,

Torbjörn Hovmark

______________________________________
Abtrusion Security AB
http://www.abtrusion.com

Previous message: Marc Ruef: "Bypassing the Finjan SurfinGate URL filter"
In reply to: Thomas Seliger: "Re: **maillist:: Outlook S/MIME Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Sep 04 2002 - 20:41:11 CEST