[Bug 482751] Re: "MD5 Collisions Inc." (expried) fake SSL certificate is installed as standard

Alexander Konovalenko alexkon at gmail.com
Fri Aug 6 16:24:27 UTC 2010


As previously said, this is a security feature. If the current date on
your computer is set to September 2, 2004 or before, a man-in-the-middle
attacker who can control your network connection would be able to spoof
any SSL site on the Internet using the MD5 Collisions Inc. certificate.
This feature ensures Firefox never trusts the rogue certificate, even if
the computer's clock is wrong.

** Changed in: firefox-3.5 (Ubuntu)
       Status: Confirmed => Invalid

-- 
"MD5 Collisions Inc." (expried) fake SSL certificate is installed as standard
https://bugs.launchpad.net/bugs/482751
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox-3.5 in ubuntu.




More information about the Ubuntu-mozillateam-bugs mailing list