[16870] in cryptography@c2.net mail archive
Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
daemon@ATHENA.MIT.EDU (Ian G)
Wed Feb 9 16:36:42 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 09 Feb 2005 21:08:45 +0000
From: Ian G <iang@systemics.com>
To: Taral <taral@taral.net>
Cc: Amir Herzberg <herzbea@macs.biu.ac.il>, cryptography@metzdowd.com
In-Reply-To: <20050209190622.GA17685@yzma.clarkk.net>
Taral wrote:
>On Wed, Feb 09, 2005 at 07:41:36PM +0200, Amir Herzberg wrote:
>
>
>Why should I trust you? Filtering xn--* domains works for me, and
>doesn't require that I turn my browser over to unreviewed, possibly
>buggy code.
>
>
I understand this is a theoretical question, but
here is an answer:
The plugin is downloadable from a MozDev site,
and presumably if enough attention warrants it,
Amir can go to the extent of signing it with a
cert in Mozilla's code signing regime.
Also, as Amir is a relatively well known name in
the world of crypto I suppose you could consider
his incentives to be more aligned with delivering
good code than code that would do you damage.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
