* Stefan Fritsch: > I don't agree with this. An attacker can trick a user to accept a > certificate for '*' which then allows to do MITM attacks for any > websites. You still need to subvert IP routing. If you do that, most users will click away the warnings anyway. -- Florian Weimer <fweimer@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99