[c-nsp] SSL cert for tools.cisco.com revoked?
Tim Utschig
tim at tetro.net
Tue Dec 15 17:04:37 EST 2009
On Tue, Dec 15, 2009 at 12:42:25PM -0800, Tim Utschig wrote:
> I found a Windows PC, and it seems that MSIE care even after
> enabling CRL checking.
Insert "doesn't" before "care".
MSIE users will not notice this security issue.
Even after checking the box "Check for server certificate
revocation*" under Tools -> Internet Options -> Advanced, and
rebooting, MSIE (7.0.5730.13 at least, I'm not interested in
spending time checking other versions of a browser I avoid using)
still doesn't bother checking Verisign's OCSP server.
--
- Tim Utschig <tim at tetro.net>
More information about the cisco-nsp
mailing list