Hi, On Tue, Sep 09, 2003 at 09:00:28PM +0200, Joerg Rossdeutscher wrote: > Hi, > > Am So, 2003-09-07 um 23.44 schrieb Colin Watson: > > On Sun, Sep 07, 2003 at 09:46:02PM +0200, Joerg Rossdeutscher wrote: > > > Am So, 2003-09-07 um 21.11 schrieb Mario Vukelic: > > > > You probably don't even get security fixes fo NS 4 anymore! > > > > > > Uninteresting, since one would use NS4 only with the bank's site. They > > > don't need to hack me. They own everything I have... :-) > > > > Whoa, sure it's interesting. Consider a man-in-the-middle SSL attack: > > now somebody else owns everything you have.
You can not really mount a man-in-the-middle attack if the bank's certificate (and therefore the public key contained in it) has been signed by a trusted entity (eg, a CA). or maybe I am wrong.... > > So nothing changes, I still don't own anything. :-) > > I always thought with a SSL-connection the man in the middle just gets > useless "binary trash"? Am I wrong? > > Bye, Ratti > > > -- > -o) fontlinge | Font management for Linux | Schriftenverwaltung in Linux > /\\ http://freshmeat.net/projects/fontlinge/ > _\_V http://www.gesindel.de https://sourceforge.net/projects/fontlinge/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
