[8111] in cryptography@c2.net mail archive
Re: Public Key Infrastructure: An Artifact...
daemon@ATHENA.MIT.EDU (Bram Cohen)
Mon Nov 20 17:41:19 2000
Date: Mon, 20 Nov 2000 14:01:22 -0800 (PST)
From: Bram Cohen <bram@gawth.com>
To: obfuscation@beta.freedom.net
Cc: cryptography@c2.net, cypherpunks@cyberpass.net
In-Reply-To: <200011200208.SAA13909@blacklodge.c2.net>
Message-ID: <Pine.LNX.4.21.0011201400070.12008-100000@ultra.gawth.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Sun, 19 Nov 2000 obfuscation@beta.freedom.net wrote:
> > When the user goes to www.amazon.com, they get a plaintext http redirect
> > to amazon.hackeddomain.com, which does check.
>
> Still confused...
>
> The original connection to www.amazon.com is an SSL connection, right?
> We are following an https: URL? (Otherwise, SSL would not even come
> into the picture.)
No, the attacker interferes with the very first connect to www.amazon.com,
probably at the DNS level, and that's almost always done plaintext.
-Bram Cohen
