[10098] in cryptography@c2.net mail archive
Re: CFP: PKI research workshop
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Sun Jan 13 21:23:45 2002
To: cryptography@wasabisystems.com
Reply-To: EKR <ekr@rtfm.com>
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
From: Eric Rescorla <ekr@rtfm.com>
Date: 12 Jan 2002 11:02:12 -0800
In-Reply-To: Carl Ellison's message of "Sat, 12 Jan 2002 10:49:18 -0800"
Message-ID: <kju1tr5r63.fsf@romeo.rtfm.com>
Carl Ellison <cme@acm.org> writes:
> If that's not good enough for you, go to https://store.palm.com/
> where you have an SSL secured page. SSL prevents a man in the middle
> attack, right? This means your credit card info goes to Palm
> Computing, right?
No. It means that your credit card info goes to people who have
been authorized to use the domain name "store.palm.com". The
certificate reflects that. This appears to be a case of
outsourcing.
> Check the certificate.
Is your claim that Modus Media is NOT authorized to operate
"store.palm.com"?
-Ekr
--
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
