Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.

From: Bill Brown (bbrown_at_ists.dartmouth.edu)
Date: 02/14/05

  • Next message: Amit Klein (AKsecurity): "Update Your Bookmarks"
    Date: Sun, 13 Feb 2005 22:39:57 -0500
    To: bugtraq@securityfocus.com
    
    
    

    You may want to consider deleting all of the Authorities, and then
    add a specific certificate only when you have called the company and
    verified the fingerprint of the digital signature.

    -- 
    Bill Brown
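An added example, not part of the original post: one way to check a certificate against a fingerprint that was confirmed out of band (for example, read out over the phone) before trusting it. The function names and `SAMPLE_DER` are hypothetical; `SAMPLE_DER` is constructed stand-in data, not a real certificate. The hash algorithm is inferred from the length of the fingerprint supplied.

```python
import hashlib
import hmac
import ssl

# Digest length in bytes -> hash algorithm; the length of the fingerprint
# obtained from the company tells us which hash was used to produce it.
ALGO_BY_LEN = {20: "sha1", 32: "sha256"}


def parse_fingerprint(text: str) -> bytes:
    """Turn 'AB:CD:...' or 'ab cd ...' as dictated or printed into raw bytes."""
    cleaned = "".join(ch for ch in text if ch not in ": -\t\n").lower()
    try:
        raw = bytes.fromhex(cleaned)
    except ValueError:
        raise ValueError("fingerprint is not valid hex") from None
    if len(raw) not in ALGO_BY_LEN:
        raise ValueError(f"unexpected fingerprint length: {len(raw)} bytes")
    return raw


def to_der(cert) -> bytes:
    """Accept a PEM string or DER bytes; fingerprints cover the DER encoding."""
    if isinstance(cert, str):
        return ssl.PEM_cert_to_DER_cert(cert)
    return bytes(cert)


def matches_verified_fingerprint(cert, verified: str) -> bool:
    """True only if cert hashes to the fingerprint confirmed out of band."""
    expected = parse_fingerprint(verified)
    actual = hashlib.new(ALGO_BY_LEN[len(expected)], to_der(cert)).digest()
    return hmac.compare_digest(actual, expected)


def colon_hex(digest: bytes) -> str:
    """Format a digest the way certificate viewers show it: 'AB:CD:...'."""
    return ":".join(f"{b:02X}" for b in digest)


# Constructed stand-in for a certificate's DER bytes (not a real certificate).
SAMPLE_DER = bytes.fromhex("3082010a0282010100") + b"constructed-sample" * 4

if __name__ == "__main__":
    spoken = colon_hex(hashlib.sha256(SAMPLE_DER).digest())
    print("fingerprint to confirm:", spoken)
    print("match:", matches_verified_fingerprint(SAMPLE_DER, spoken))
    print("altered:", matches_verified_fingerprint(SAMPLE_DER + b"\x00", spoken))
```

A certificate whose bytes differ in any way from the one the company described fails the comparison, whatever name it displays.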
    
    


