[19906] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Unforgeable dialog.

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu Feb 9 09:42:56 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: jamesd@echeque.com, solinym@gmail.com
Cc: cryptography@metzdowd.com
In-Reply-To: <43E5BB3C.4040604@echeque.com>
Date: Thu, 09 Feb 2006 19:55:35 +1300

"James A. Donald" <jamesd@echeque.com> writes:
>2. Html encourages legitimate businesses to use complicated and obfuscated
>actual targets for their urls, indistinguishable from those used by phishers.

I think a more general extension of this is "HTML allows the use of
arbitrarily sophisticated presentation attacks".  This definitely isn't a
capability you want to give to a malicious party, although it's way too late
to shut the barn door any more.

Peter.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[19906] in cryptography@c2.net mail archive

Re: Unforgeable dialog.

daemon@ATHENA.MIT.EDU (Peter Gutmann)Thu Feb 9 09:42:56 2006

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu Feb 9 09:42:56 2006