On 10/4/06, Snake <[EMAIL PROTECTED]> wrote: > Well you could always use the ploy that is being used with spoofed bank > sites. > User thinks they are going yo www.barclaysbank.co.uk > But your really sending them to www.barclayswank.co.uk which has a valid > SSL, so nothing looks amis. > > Russ
I think that was the bit that was confused. Dave keeps asking about how it could be valid, I think this is what Bobby (IIRC) was talking about. It would be a valid cert, but that has little to do with SSL, per se. More that whole, "biggest hole is 'tween the user and the screen" or whathaveyou. What's swell is that some email clients now warn you if the link says "ssl.paypal.com" but the actual link is to "ssl.playpal.com". Stuff like that could cut down on this crap quite a bit. We don't all need to be chipped. I was watching C-SPAN the other night... I'd always thought that gubment stuff was boring, but man, that was far out. There's a lot going on, out in the open, that I never knew about. The identity stuff and recent big $$ grants got me wondering... People are scaring other people enough as it is, the masses are already clamoring for a "more secure internet", only, I don't think they're thinking along the lines of simple link vs. link-text type checking, if you catch my drift. More like how we've got a "more secure" country, here in the US of A, of late. Hey, at least boot sales are up, right? heh. Encryption is Evil! -V'z ylvat I tried to sub to community, but was unable... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255374 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
