Anyone working on a "portal page" blocker for Konqueror?

Thiago Macieira thiago at kde.org
Sat Oct 8 18:02:29 BST 2005


George Staikos wrote:
>   They're not hijacking HTTPS.  They're hijacking DNS.  If the user
> types "https://www.example.com/", gets the page for the ISP, and
> doesn't get a warning then there must be a root certificate in the
> browser that the ISP uses to generate certificates on the fly.  I doubt
> this is happening.  I suspect the user is getting a warning.

Even if you generate a certificate on the fly for the asked-for hostname 
(which must come from DNS), it can't be signed by a CA. So you will get a 
warning.

What I'm worried about is the certificate cache start complaining because 
certs changed. You trusted one, but you're now getting another.

-- 
  Thiago Macieira  -  thiago (AT) macieira.info - thiago (AT) kde.org
    PGP/GPG: 0x6EF45358; fingerprint:
    E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358

3. Ac seo woruld wearð geborod, swá se Scieppend cwæð "Gewurde Unix" and 
wundor fremede and him "Unix" genemned, þæt is se rihtendgesamnung.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20051008/9a9356ab/attachment.sig>


More information about the kfm-devel mailing list