SSL, a cast of web browsers & man-in-the middle attacks
Quentin Campbell
Q.G.Campbell at newcastle.ac.uk
Tue, 13 Aug 2002 12:37:55 +0100
The following URL gives a succinct description of what looks like a very
serious vulnerability to man-in-the-middle attacks in many web browsers
that use SSL.
http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2
d
However the reason for posting it here is that the link also gives a
lucid description of the way CA certificates are used (an can be abused)
by web servers/browsers.
Quentin
---
PHONE: +44 191 222 8209 Computing Service, University of Newcastle
FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU.
------------------------------------------------------------------------
"Any opinion expressed above is mine. The University can get its own."=20