https - hopefully not too stupid a question
Roland Perry
lists at internetpolicyagency.com
Sun Jun 17 16:53:01 BST 2012
In article <4FDDF8D7.7080108 at zen.co.uk>, Peter Fairbrother
<zenadsl6186 at zen.co.uk> writes
>In practice, the client will normally do a DNS on the hostname before a
>https connection is established. So if all the client's traffic is
>being monitored then the monitors will usually have the hostname anyway.
Hmm, if I try to access:
https://65.55.25.59/windowsupdate/v6/thanks.aspx?ln=en&&thankspage=5
(Where 65.55.25.59 is what my DNS translates www.update.microsoft.com
into)
I get:
This is probably not the site you are looking for!
You attempted to reach 65.55.25.59, but instead you actually reached a
server identifying itself as www.update.microsoft.com. This may be
caused by a misconfiguration on the server or by something more
serious. An attacker on your network could be trying to get you to
visit a fake (and potentially harmful) version of 65.55.25.59.
Is this my browser (Chrome) not getting its act together, or is there an
infelicity in one of the protocols?
--
Roland Perry
More information about the ukcrypto
mailing list