[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IDNA and security



In article <20050208220527.GW26791@mathom.us> you wrote:
> The name is what associates a CA signature with a site. They're not
> signing the IP number.

The Browser is  checking the address agaist the DN itself. So if the padlock
is blue, the certificate is for the current URL. Then you have to check the
content of the certificate who owns it. There is no special value in the
name. "debian.xx" does not belong to debian, as long as the Certificate is
not for debian.

IDN Attacks against the  url  are for site spoofings which attack users who
do not use SSL certificates. And those are always  at a higher risk.

Greetings
Bernd



Reply to: