[cryptography] Microsoft Sub-CA used in malware signing

Thor Lancelot Simon tls at panix.com
Mon Jun 4 09:38:18 EDT 2012


On Mon, Jun 04, 2012 at 10:20:33AM +0200, Erwann Abalea wrote:
> It's also not clear about what could have been done with TS certificates.
> Is it only codesigning, or TLS server as well?

I'm surprised they can be used for code signing at all.  TS (in its modern
incarnation) is a TLS-encapsulated protocol.

Thor



More information about the cryptography mailing list