Re: Protecting (even) =?ISO-8859-1?Q?Na=EFve_Web_Users_fro?= =?ISO-8859-1?Q?m_Spoofing_and_Phishing?=

Tyler Close Wed, 14 Jul 2004 07:42:02 -0700

I've written a paper that argues that global namespaces, such as those used in the current PKI and in Amir's proposal, are actually a cause of phishing attacks, not a solution to them. The paper further argues that the phishing problem is best solved without creating any central authorities like today's CAs or proposed LCAs. The safest solution involves a local namespace maintained within the user's WWW browser.

The paper is available at:

http://www.waterken.com/dev/YURL/Name/

There is a proof-of-concept implementation at:

http://www.waterken.com/dev/Browser/

I'd very much like to incorporate these mechanisms into the Firefox browser. I'd appreciate feedback on the concepts as well as implementation advice or assistance.

Thanks,
Tyler

--
The web-calculus is the union of REST and capability-based security.
http://www.waterken.com/dev/Web/
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security

Re: Protecting (even) =?ISO-8859-1?Q?Na=EFve_Web_Users_fro?= =?ISO-8859-1?Q?m_Spoofing_and_Phishing?=

Reply via email to