An article on the front page of WebWeek this week discusses digital signatures and CAs. The best point made was that a small company could undercut (pricewise) the post office as a CA. Overall it seemed a pretty fair article. It mentioned UC Berkeley researchers "spoofing" a Netscape server's identity and sending false data to the client. This was news to me, I am curious as to how this was done. The paper article also listed as a "resource on the net" the URL for Tim May's cyphernomicon. Here's the link. Enjoy. Article: Big Step Forward For Authentication URL: http://pubs.iworld.com/ww-online/96Feb/news/authentication.html Clay --------------------------------------------------------------------------- Clay Olbon II | olbon@dynetics.com Systems Engineer | ph: (810) 589-9930 fax 9934 Dynetics, Inc., Ste 302 | http://www.msen.com/~olbon/olbon.html 550 Stephenson Hwy | PGP262 public key: finger olbon@mgr.dynetics.com Troy, MI 48083-1109 | pgp print: B97397AD50233C77523FD058BD1BB7C0 "To escape the evil curse, you must quote a bible verse; thou shalt not ... Doooh" - Homer (Simpson, not the other one) ---------------------------------------------------------------------------