[security] [dix] Re: Gathering requirements for in-browser OpenID support
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Tue Oct 31 11:00:08 UTC 2006
Chris Drake wrote:
> Hi Ben,
>
> For the benefit of me and others reading this thread, can you briefly
> explain how you would deploy EKE in a browser to defeat MitM?
>
> Let's assume I set up a MitM site - https://www.paypal.com.phisher.com
> and I even bother to buy a $38 SSL cert for it.
Guess he will have a hard time getting a cert for this... Usually
wildcard certificates require additional verifications as well...
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390