Real World Exploit for Bleichenbachers Attack on SSL fromCrypto'06 working

Am Donnerstag, den 14.09.2006, 22:23 -0700 schrieb Tolga
Acar:
> You need to have one zero octet after bunch of FFs and
before DER encoded
> has blob in order to have a proper PKCS#1v1.5 signature
encoding.
> 
> Based on what you say below, "I used this cert
and my key to sign an
> end-entity certificate which I used to set up an
webserver", it appears that
> implementations you used don't check for this one zero
octet, either.

Yes, I have, I counted this to the ASN1DataWithHash part. I
did not
theck if it works without.