On 12/23/2008 09:09 AM, Kyle Hamilton:
(I word it like that because in order for an attacker to succeed he would need to also hijack DNS, or place a entry in the user's hosts file.)
Or be a WiFi operator. This was the attack vector of https://bugzilla.mozilla.org/show_bug.cgi?id=460374
Of course, this would be an NSS change (the addition of a 'trust suspended' bit,
I think this to be an interesting idea and should be considered. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
