
Except: ensuring that the server is signing with the right, certificate-certified private key is the major thing that TLS is supposed to provide.

So no matter how strange or malicious the server-side stack would need to be... not having a test for such a deviation is a major oversight.




The really scary thing is that there is basically no good test suite for SSL/TLS in existence. I would not be surprised if other stupid bugs showed up in other implementations given one…



