tag:blogger.com,1999:blog-8271855.post7025726261764724675..comments2008-12-25T23:29:45.701-08:00Rohit Srivastwahttp://www.blogger.com/profile/10024873320275519064noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-8271855.post-85109532203099499832008-12-25T23:29:00.000-08:002008-12-25T23:29:00.000-08:00Rohit,<BR/><BR/>it also is a case with the a stolen id of the certificate.<BR/><BR/>I has happened in the past with netgear switches. If you are to generate a cryptographic key - netgear used to genereate only a specific number of key id's and then recycle them.<BR/><BR/>once this was figured out we could use the same certificate - play around with the time and ids and lo - we are ready with a new phised cert<BR/><BR/>although this bug was fixed - but it is still possible with other vendors.$!ddh@rthhttp://www.blogger.com/profile/06746511077435056249noreply@blogger.com