also sprach Stefan Kelm <[EMAIL PROTECTED]> [2003.06.16.1652 +0200]: > Now, suppose I buy a certificate for *.i-am-bad.com (assuming that I'm > the owner of that domain). I could then set up an SSL server with a > hostname of something like > > www.security-products.microsoft.com.order.registration.checkout.user- > support.i-am-bad.com > > hoping that the browser will only display the more familiar looking parts > of the URL to the user who in turn will happily accept the certificate.
I could also just buy a certificate with that name. While it is an interesting point, I do not see how wildcard certificates make this possible, or enhance it. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" [EMAIL PROTECTED] keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html get my key here: http://madduck.net/me/gpg/publickey before he died, rabbi zusya said: "in the world to come they will not ask me, 'why were you not moses?' they will ask me, 'why were you not zusya?'"
Description: PGP signature