<<< Date Index >>>     <<< Thread Index >>>

RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.




On Wed, 16 Feb 2005, David Schwartz wrote:

Correct. And the browser vendors gain trust because they only include
reputable CAs.

Ummm.

No.

'They' (to a good first order approximation: 'Microsoft') are 'trusted' because 'they' own 90% of the browser market following the abuse of a desktop OS monopoly to force their applications competition out of the market.

Defaults are power.

--
Benjamin Franz

"All right, where is the answer? The battle of wits has begun.
It ends when you click and we both serve pages - and find out who is right,
and who is slashdotted." - David Brandt