Tyler Close wrote: > This is incorrect. The petname tool does guard against DNS poisoning. > The petname tool provides a reliable binding between an SSL identity > and a user chosen reminder note. The petname tool does not rely on the > correctness of DNS information.
Actually your making the assumption the initial connection is to the site you think it is, which is the same assumption most people make with SSH, unless you check fingerprints and do out of band checking you have no way to know if you're assumption in that you think you know who you're talking to really is one and the same... Assumptions are the mother of all [EMAIL PROTECTED](k ups.. -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
