[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GAK Hacks



> 
> One would be to create a patcher which would let you change the set of
> certificate authorities accepted by the browser.  Currently the browser
> accepts at least one (an internal Netscape test CA) which is not needed
> by end users.  Maybe its public key could be statically overwritten by
> the patch program with the public key of the replacement CA.  This sounds
> simple and safe.  The patch program can confirm that the data being
> changed matches the test CA.

	Where is the public key for the test CA available? Seems
pretty trivial to take those bits and just do a bit compare against
your netscape binary to find out where the key is stored within the
binary.. 

-- 
sameer						Voice:   510-601-9777
Network Administrator				FAX:	 510-601-9734
Community ConneXion: The NEXUS-Berkeley		Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			[email protected]