Hyperlink Spoofing: an attack on SSL server authentication
Adam Shostack
adam at homeport.org
Sat Jan 4 07:07:34 PST 1997
Ed Felten of Princeton presented something similar at the Dimacs
Network Threats workshop in November 96.
Frank O'Dwyer wrote:
|
| I've written up an attack on SSL server authentication at
|
| http://www.iol.ie/~fod/sslpaper/sslpaper.htm
|
| As far as I am aware, this attack hasn't been written about before.
| It does not attack the SSL protocol or low-level cryptography, but works
| at a higher level in order to persuade users to connect to fake servers,
| with the browser nonetheless giving all the usual appearances of a
| secure session.
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list