Ferret out weak PKI certificates
Firefox add-on checks for MD5 hashes
- By Joab Jackson
- Jan 07, 2009
Worried that the security certificates you receive have been signed using the MD5 algorithm and, hence, susceptible to forgery? Take a look at a Mozilla Firefox browser add-on called SSL Blacklist. The latest version detects and warns about certificate chains the browser comes across that use that MD5 algorithm. "It might be a nice addition to the arsenal," noted SANS instructor Mark Hoffman.
Joab Jackson is the senior technology editor for Government Computer News.