You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A new attack surface appears with the MapServer. If a malicious CA creates an absurd number of entries for a domain name, those will be recorded by the CT Log Server, and afterwards by the MapServer.
A client requesting the material for that domain name will receive as much data as the attacker decides, rendering the connection to the MapServer useless.
Decide what attacker models appear because of this.
Decide how to solve or mitigate this.
The text was updated successfully, but these errors were encountered:
A new attack surface appears with the MapServer. If a malicious CA creates an absurd number of entries for a domain name, those will be recorded by the CT Log Server, and afterwards by the MapServer.
A client requesting the material for that domain name will receive as much data as the attacker decides, rendering the connection to the MapServer useless.
The text was updated successfully, but these errors were encountered: