Konqueror and digital certificates

Posted Aug 22, 2002 21:00 UTC (Thu) by hcobb (guest, #3145)
Parent article: Konqueror and digital certificates

I think your article is missing part of the point that the Register brought to light.

SSL "security" backs up DNS (which isn't very secure).

In order to exploit this IE/Konqueror flaw, the thief in the middle needs to subvert DNS and steal a certificate from elsewhere.

The user's browser then says, say, https://tithe.microsoft.com/ and the little lock shows secure, but the certificate is a fake: the stolen certificate from https://www.clueless_company.com/ is used to falsely sign the fake certificate.

So you need to subvert DNS and then you can fool the browser completely and the user would need to look carefully at the certificate details to discover the truth.

"The Rooster, crowing at IT's cockups!"



Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds