In article <[EMAIL PROTECTED]> you write: ><http://www.informationweek.com/story/showArticle.jhtml?articleID=171200010> > >Summary: some phishes are going to SSL-secured sites that offer up >their own self-signed cert. Users see the warning and say "I've seen >that dialog box before, no problem", and accept the cert. From that >point on, the all-important lock is showing so they feel safe.
I don't get it. When you can get a free cert good for a month and signed by Geotrust, why waste time with self-signed certs? See http://zblog.abuse.net for a sample. R's, John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
