First off - I am new to this and I'm learning. I do not claim to know very much about
it and asked the question in openssl-dev because it seemed to me that if the DNS is
highjacked that the transaction can be masqueraded.
I did a test with Netscape 4.07. This browser is not terribly old.
I
[EMAIL PROTECTED] wrote:
I created a cert with the host name known as www.evilempire.com
and netscape was quite happy to accept it and never reported that
the URL I typed in does not match the name carried within the cert.
You're wrong. Even those old Netscape Navigator 4.0x certainly asks
Micheal, thankyou. I did find it under "more info". This sure is not obvious mind
you... thanx for the clarification.
On Sun, Feb 04, 2001 at 06:08:20PM +0100, Michael Strder wrote:
[EMAIL PROTECTED] wrote:
I created a cert with the host name known as www.evilempire.com
and netscape