GeoTrust has just released a paper outlining the problems with this approach, and giving practical and real-world examples:
http://geotrust.com/resources/advisory/sslorg/index.htm
...and there's a white paper which goes into more depth. http://geotrust.com/resources/white_papers/pdfs/SSLVulnerabilityWPcds.pdf
Gerv _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
