[cryptography] Microsoft Sub-CA used in malware signing
eabalea at gmail.com
Tue Jun 5 05:37:35 EDT 2012
2012/6/5 Marsh Ray <marsh at extendedsubset.com>
> An excerpt:
> "That’s right, every single enterprise user of Microsoft Terminal Services
> on the planet had a CA key that could issue as many code signing
> certificates they wanted and for any name they wanted."
> It sounds as if Windows users might have a million code-signing DigiNotars
> to worry about.
md5withRSA, sequential serials, everybody-gets-a-CA...
This is depressing.
The timestamp on the signed objects allows the signature to stay valid for
much longer than the validity of the signer. So the 2-year validity for
TS-CA certificates is not a problem here.
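As an added illustration of that timestamp point (example code, not from the post or from any Microsoft verifier), a small Python policy check over constructed certificates and signatures: a trusted countersignature timestamp moves the validity check to signing time, so an expired signer still verifies, while a chain signed with md5withRSA is rejected regardless of dates.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

# Real PKCS#1 algorithm OIDs; everything else below is constructed sample data.
MD5_WITH_RSA = "1.2.840.113549.1.1.4"
SHA256_WITH_RSA = "1.2.840.113549.1.1.11"
WEAK_ALGORITHMS = {MD5_WITH_RSA}


@dataclass
class Certificate:
    subject: str
    not_before: datetime
    not_after: datetime
    signature_algorithm: str  # OID the issuer used to sign this certificate


@dataclass
class Signature:
    signer: Certificate
    digest_algorithm: str
    # Signing time asserted by a trusted countersignature (timestamp), if any.
    timestamp: Optional[datetime] = None


def evaluate(sig: Signature, now: datetime) -> List[str]:
    """Return reasons to reject the signature; an empty list means accept."""
    reasons = []
    # A weak hash anywhere in the chain is fatal independent of the dates:
    # the signer certificate itself could be a collision forgery.
    if sig.signer.signature_algorithm in WEAK_ALGORITHMS:
        reasons.append("signer certificate signed with weak algorithm")
    if sig.digest_algorithm in WEAK_ALGORITHMS:
        reasons.append("object digest uses weak algorithm")
    # With a timestamp the signer only has to have been valid at signing time;
    # without one it must be valid at verification time.
    check_time = sig.timestamp if sig.timestamp is not None else now
    if not (sig.signer.not_before <= check_time <= sig.signer.not_after):
        when = "timestamp" if sig.timestamp is not None else "verification time"
        reasons.append(f"signer certificate not valid at {when}")
    return reasons


def demo() -> dict:
    """Constructed scenario: a 2-year signer that expired before verification."""
    utc = timezone.utc
    good = Certificate("Constructed Signer", datetime(2010, 1, 1, tzinfo=utc),
                       datetime(2012, 1, 1, tzinfo=utc), SHA256_WITH_RSA)
    md5 = Certificate("Constructed MD5 Signer", good.not_before, good.not_after, MD5_WITH_RSA)
    now = datetime(2012, 6, 5, tzinfo=utc)        # signer already expired
    signed_at = datetime(2011, 3, 1, tzinfo=utc)  # inside the signer's validity
    return {
        "expired_no_timestamp": evaluate(Signature(good, SHA256_WITH_RSA), now),
        "expired_with_timestamp": evaluate(Signature(good, SHA256_WITH_RSA, signed_at), now),
        "md5_chain_with_timestamp": evaluate(Signature(md5, SHA256_WITH_RSA, signed_at), now),
    }
```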