Tina Bird <tbird@precision-guesswork.com> writes: > The vendors listed in the CERT advisory on the OpenSSL vulnerabilities are > all producing server-side software: > > http://www.cert.org/advisories/CA-2002-23.html > > Does anyone know if Netscape, Opera, Internet Explorer or any of the other > browsers are vulnerable to these issues? Netscape and IE both have their own TLS implementations. Netscape uses NSS and IE uses CAPI/SChannel. Of course, these implementations might be vulnerable to similar bugs but there's no specific reason to think they are. -Ekr -- [Eric Rescorla ekr@rtfm.com] http://www.rtfm.com/
