-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> While DNS spoofs may be practical, impersonating an SSL-enabled Web
> server requires considerably more than lying about IP addresses.
No, not really. The weak link is the end user, and they are generally
a VERY weak link. I wrote an article dealing with this:
<blatant corporate self-plug>
http://www.securityportal.com/closet/closet19990930.html
</blatant corporate self-plug>
> -Peter
- -Kurt Seifried
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
iQA/AwUBOC86Tob9cm7tpZo3EQIQugCfUGYpX5JyI/50rR4rxAmOyWyBOzYAnjVN
ZJLNpm2peizpZDThkFqfeykh
=MOsV
-----END PGP SIGNATURE-----
