Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-19087

SSL: implement blacklisting not only based on serial number, but also on the signature / public key / issuer

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: P2: Important P2: Important
    • 4.8.0, 5.0.0
    • 4.7.3
    • Network: SSL
    • None
    • 6b1a8129623e3716f2fc075608b260ce7c381fe2

      one could run a DOS attack with issuing a fraudulent certificate with a serial number equal to the serial number of a valid certificate in order to get it blacklisted.

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            phartman Peter Hartmann (closed Nokia identity) (Inactive)
            phartman Peter Hartmann (closed Nokia identity) (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes