On Tue, Jan 8, 2013 at 11:42 AM, James A. Donald <[email protected]> wrote: > On 2013-01-08 7:26 PM, Ben Laurie wrote: >> >> Modulo CAs not working correctly, this is what SSL does. So long as >> you define "the right server" as being "the one with the domain name >> you navigated to". > > > Domain names are lengthy and not all that human memorable. I logon to > citicard, the correct domain name is accountsonline.com. Am I likely to > notice if the domain name is accountsonlin.jim.com? > > Indeed, in that the correct domain name is not citicard, am I likely to > notice if the domain name Istealyourmoney.ru
Quite so. This is why PKI does not solve phishing. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
