Re: EV issues with redirects...

2008-07-03 Thread Eddy Nigg
Kyle Hamilton: > https://www.paypal.com/cgi-bin/webscr/cgi-bin/webscr?cmd=_ssr&return=http%3A%2F%2Fpaypal-cgi-bin.s6.pl/?cgi-bin.webscrcmd=_login-run.webscrcmd=_account-run.DisputeTransactionID.2LC956793J776333Y > > This is a valid PayPal URL that issues a redirect to an external site, > which just

Re: EV issues with redirects...

2008-07-03 Thread Kyle Hamilton
(crossposting this between dev-tech-crypto and dev-security per Nelson Bolyard's suggestion) One of my colleagues has managed to locate a site that: a) goes to the official paypal site b) redirects off of the paypal site c) ends up landing on a paypal spoof without: d) triggering any notification

Re: EV issues with redirects...

2008-07-03 Thread Nelson Bolyard
Kyle Hamilton wrote, On 2008-07-03 19:51: > https://www.paypal.com/cgi-bin/webscr/cgi-bin/webscr?cmd=_ssr&return=http%3A%2F%2Fpaypal-cgi-bin.s6.pl/?cgi-bin.webscrcmd=_login-run.webscrcmd=_account-run.DisputeTransactionID.2LC956793J776333Y > > This is a valid PayPal URL that issues a redirect to an

EV issues with redirects...

2008-07-03 Thread Kyle Hamilton
https://www.paypal.com/cgi-bin/webscr/cgi-bin/webscr?cmd=_ssr&return=http%3A%2F%2Fpaypal-cgi-bin.s6.pl/?cgi-bin.webscrcmd=_login-run.webscrcmd=_account-run.DisputeTransactionID.2LC956793J776333Y This is a valid PayPal URL that issues a redirect to an external site, which just happens (at this mome

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Chris Hills
Robert Relyea wrote: > Nelson B Bolyard wrote: > I ran with this module for over a year, there are probably some memory > leaks, but in general it worked well. > This module maps existing CAPI modules into PKCS #11 (gives Firefox > access to capi modules -- most notably *THE* capi module (microsoft

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Chris Hills
Nelson B Bolyard wrote: > The files are in > http://lxr.mozilla.org/security/source/security/nss/lib/ckfw/capi/ > Work on that project stopped ~2.5 years ago. > You're welcome to try it. > > My guess is that it does a good job at doing the things that it does, > but has limited functionality (doesn

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Robert Relyea
Nelson B Bolyard wrote: Chris Hills wrote, On 2008-07-03 10:47: From what I have read in this group, there is already some experimental code in NSS, but I have no idea as to its functionality or usability. The files are in http://lxr.mozilla.org/security/source/security/nss/lib/ckfw/

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Nelson B Bolyard
Chris Hills wrote, On 2008-07-03 10:47: > From what I have read in this group, there is already some experimental > code in NSS, but I have no idea as to its functionality or usability. The files are in http://lxr.mozilla.org/security/source/security/nss/lib/ckfw/capi/ Work on that project sto

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Chris Hills
Bruno de Paula Ribeiro wrote: > Hello Chris. > > I think you will have to write a CSP for this purpose. And that means > you will need to install the CSP Dev Service Pack, build your .dll and > then send it to Microsoft for code signing. > > Bruno. Bruno From what I have read in this group, ther

Re: NSS PKCS#11 and CAPI

2008-07-03 Thread Bruno de Paula Ribeiro
Hello Chris. I think you will have to write a CSP for this purpose. And that means you will need to install the CSP Dev Service Pack, build your .dll and then send it to Microsoft for code signing. Bruno. Chris Hills wrote: Hi I am interested in the development of the PKCS#11 module f

NSS PKCS#11 and CAPI

2008-07-03 Thread Chris Hills
Hi I am interested in the development of the PKCS#11 module for CAPI. Could someone please point me in the right direction as to where I may follow its progress. My motivation is the deployment of Firefox in an enterprise that uses a private PKI (reasonably common in large networks ru

Re: Firefox 3 connection now results in ssl_error_bad_cert_domain

2008-07-03 Thread Bruce Keats
Thank you so very much for taking the time to explain that! I know that it takes time and effort to put together such a detailed response ... it really does help me understand what I need to do. I was unaware there were RFCs ... if I had known then I probably would have tried to read them first