[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability



On Wed, 2005-02-09 at 15:01 -0500, Valdis.Kletnieks@xxxxxx wrote:
> > To prevent getting lulled into a phishing scam, could you please confirm
> > the fingerprints of the self-signed SSL certificate that mailman is
> > running on?  :)
> 
> Bonus points if the fingerprint is in a mail that's digitally signed, so we
> know the phisher isn't faking the mail....
> 
> Hand me some more tinfoil, will ya? :)

heh... nah, having John look at the cert and say "Yup, that's mine" is
enough of a trust-level for me. (On the other hand, if he says "Oh
shit!" then the verification step has served its purpose :)

Cheers,
Frank (who knows he's being watched ;)



Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html