Julien Pierre wrote:
RFC 2817 has serious security implications for clients, because it does
not specify a distinct URL scheme for TLS upgrade. Browsers are left
without a means to enforce encryption on the connection. It is up to the
server to upgrade the connection to TLS - or not . I
There has been an interesting and important debate on this list on the
`Mozilla security process`. The discussion focused on improved security
indicators, specifically to help protect against spoofed web site
attacks (including phishing, pharming, etc.). This is also one of my
main research
I think all five criteria below are correct. I also believe we will meet
all of them in our next release (in testing) of TrustBar, and meet
almost all even in our current release (which has many downloads, happy
users). Here are details:
Heikki Toivonen wrote:
Ka-Ping Yee wrote:
1. We
Doug Ludy wrote:
I am new at this, but have been following the discussion of phishing at
the n.p.m.security newsgroup for the past month. I would like to try
the trustbar extension but when I try to download the program from
http://trustbar.mozdev.org I cannot do so because I have
I'm new to the Netscape/Firefox/Mozilla platform and I've been tasked with
providing a programmatic method for our customers to use to install client
certificates. I'm looking for suggestions on how to approach a solution.
Java applet? Extension? Plug-in? I'm stuck on how to do this. We're
Mike Stokes wrote:
I'm new to the Netscape/Firefox/Mozilla platform and I've been tasked with
providing a programmatic method for our customers to use to install client
certificates. I'm looking for suggestions on how to approach a solution.
Java applet? Extension? Plug-in? I'm stuck on
Duane,
Thanks for the reply, but I'm a little confused. I couldn't find anything on
your site that explained how you've automated the cert installation for
client certs. It's late and I'm a little short on sleep so forgive me if I'm
just being dense. :)
Duane [EMAIL PROTECTED] wrote in