[13570] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: The real problem that https has conspicuously failed to fix

daemon@ATHENA.MIT.EDU (Udhay Shankar N)
Wed Jun 11 10:40:51 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 11 Jun 2003 11:18:24 +0530
To: Pete Chown <Pete.Chown@skygate.co.uk>, cryptography@metzdowd.com
From: Udhay Shankar N <udhay@pobox.com>
In-Reply-To: <3EE5A173.1000008@skygate.co.uk>

Pete Chown wrote [ at 10:14 AM 6/10/2003 +0100 ]:

>The bar could also show the server name for unverified connections. This 
>would avoid the attacks that use URLs like 
>http://www.microsoft.com:officesupport@virus.com .

Opera 7.x, by default, warns you whenever you are attempting to connect to 
a URL containing a username, like above.

Udhay

-- 
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13570] in cryptography@c2.net mail archive

Re: The real problem that https has conspicuously failed to fix

daemon@ATHENA.MIT.EDU (Udhay Shankar N)Wed Jun 11 10:40:51 2003

daemon@ATHENA.MIT.EDU (Udhay Shankar N)
Wed Jun 11 10:40:51 2003