* mono riot:

>> I've been wondering if CT is a good tool for things like safe
>> browsing to monitor possible phishing sites and possibly detect
>> them faster.
> Are there general proposals yet on how to distinguish phishing vs
> legitimate when it comes to domains? (like apple.com vs app1e.com vs
> mom'n'pop farmer's myapple.com)

If there was a general rule, people would game the system, making the
rule useless.

In general, recognizing malicious web content requires looking at said
content.  It is not possible to go by the domain name alone.
dev-security-policy mailing list

Reply via email to