Re: Return of i18n attacks with the help of wildcard certificates

Eddy Nigg Wed, 04 Mar 2009 06:40:15 -0800

On 03/04/2009 04:18 PM, Jean-Marc Desperrier:

Eddy Nigg wrote:

[...] When do we expect SSL? On submit or on
password fields in a form[...]


IF "page contains form"
AND "form contains password field"
THEN "flash insecure form warning"

Could be done. But there would better be a cross browser agreement on
this. And coupled with a way to offer (low/no)-cost SSL to everybody.

The later exists already for a long time (and you most likely know aboutit): www.startssl.com


--
Regards

Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog:   https://blog.startcom.org
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security

Re: Return of i18n attacks with the help of wildcard certificates

Reply via email to