On Sat, 18 Nov 2000 [EMAIL PROTECTED] wrote:

> Bram Cohen <[EMAIL PROTECTED]> writes:
> > Unless that problem is fixed, man in the middle is hardly made more
> > difficult - for example, Mallory could break into some random machine on
> > the net and steal its public key, then hijack local DNS and when someone
> > goes to amazon.com redirect them to amazon.hackeddomain.com, and then
> > proxy to amazon.com - now even SSL says the connection is safe.
> 
> Are you sure that works?  I would think the SSL client would do a
> connection to the URL the user typed, www.amazon.com, and check the
> name in the cert to see if it (approximately) matches.

When the user goes to www.amazon.com, they get a plaintext http redirect
to amazon.hackeddomain.com, which does check.

-Bram Cohen
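
The redirect described above, as an added example that is not part of the original message: a check over a recorded redirect chain that reports when the final hostname was supplied by a plaintext response, even though the certificate name check at that hop passes. The function names, the `site_domain` parameter and the sample chains are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def cert_matches(host, cert_names):
    """Exact match, or a wildcard covering exactly one left-most label."""
    host = host.lower()
    for name in (n.lower() for n in cert_names):
        if name == host:
            return True
        if name.startswith("*.") and host.partition(".")[2] == name[2:]:
            return True
    return False

def audit_redirects(site_domain, hops):
    """hops: [(url, cert_names)] in fetch order; cert_names is None for http.
    site_domain is the domain the user meant to reach (caller-supplied).
    Returns (final_tls_ok, findings)."""
    findings = []
    via_plaintext = False   # was this hop's URL delivered without authentication?
    final_tls_ok = False
    for i, (url, cert_names) in enumerate(hops):
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        in_site = host == site_domain or host.endswith("." + site_domain)
        if via_plaintext and not in_site:
            findings.append(f"hop {i}: {host} was named by a plaintext response")
        if parts.scheme == "https":
            final_tls_ok = cert_matches(host, cert_names or [])
            if not final_tls_ok:
                findings.append(f"hop {i}: certificate does not cover {host}")
            via_plaintext = not final_tls_ok
        else:
            final_tls_ok = False
            via_plaintext = True   # the next Location header is unauthenticated
    return final_tls_ok, findings

# Constructed sample chains using the hostnames from the message.
SPOOFED = [("http://www.amazon.com/", None),
           ("https://amazon.hackeddomain.com/", ["amazon.hackeddomain.com"])]
DIRECT = [("https://www.amazon.com/", ["*.amazon.com"])]

if __name__ == "__main__":
    for chain in (SPOOFED, DIRECT):
        print(audit_redirects("amazon.com", chain))
```

On the spoofed chain the certificate check at the last hop succeeds, and the only finding comes from tracking how that hostname was learned.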
