Eddy Nigg (StartCom Ltd.):
I just wonder why the h*** Google anti-phishing tool still allows me
to go to
http://comerica.connect.tmconnectweb.login.cgi.msg5984.time32491989.webbizcompany.c1b9r62whf314lx53xq.secureserv.onlineupdatemirror66272.comerica.certificateupdate.cxv32.com/logon.htm
Should they have blocked the cxv32.com domain already all over the
place? Tested with FF3 and FF2...
Oh, and just by the way...now that we are at it...How easy it would have
been for cxv32.com to get a wild card certificate from some of the CAs
in NSS, making the phishing attack even more convincing. The theory that
we have anti-phishing tools simply doesn't hold the water, an argument
which was used multiple times against any strengthening of the Mozilla
policy.
A sub domain name like the one from above most likely would never have
been issued, not even by the CAs which issue domain validated wild
cards, at least this sub domain name would have raised enough attention
if the CA has also some personnel there...
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
