On Tue, 20 Nov 2007, Mark Senior wrote:
If I subsequently visit my bank's website, and I get no SSL warning, it
should ing well mean the certificate is valid.
However, vendors seem to head towards strong hostname binding. MSIE,
Opera and Safari 3 already do so. Mozilla-1.9/Firefox-3 will
On Sun, 18 Nov 2007, Nils Toedtmann wrote:
Mozilla based browsers (Firefox, Netscape, ...), Konqueror and Safari 2
do not bind a user-approved webserver certificate to the originating
domain name. This makes the user vulnerable to certificate spoofing by
subjectAltName:dNSName extensions.
...
