Microsoft to Provide Timeline for SSL, Release Date Postponed Further

Microsoft has committed to providing a timeline for fixing the SSL issues with Hotmail/Live by next Friday and has requested that the tool release be postponed at least until then. I will of course grant this request. I had previously already agreed to delay until end of day on Monday for a similar timeline from Google to provide automatically negotiated secure cookie support, but this does extend things a bit further. However, I will still provide copies of the tool to anyone who contacts me from an email matching the contact info of a domain that is fully paid up with its protection money to the SSL mafia for a current, valid SSL certificate.

At some point after receiving timelines from Microsoft and Google (depending on the duration and level of security provided), I will begin providing copies of the tool to anyone who matches the contact information for *ANY* domain with any type of unofficial SSL certificate.

At some further date after that, I will begin provide copies of the tool to anyone who asks, and then shortly after that, the tool will be posted publicly.

To me, this seems to be the best way to manage the situation to both balance the need for people to have the ability to test their sites with the need to not damage the general public by unnecessary early release of an automated exploit tool.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

This question is for testing whether you are a human visitor and to prevent automated spam submissions.
  _   _   ____   __        __ __   __  _____ 
| | | | / ___| \ \ / / \ \ / / | ___|
| |_| | \___ \ \ \ /\ / / \ V / | |_
| _ | ___) | \ V V / | | | _|
|_| |_| |____/ \_/\_/ |_| |_|
Enter the code depicted in ASCII art style.