Anyone working on a "portal page" blocker for Konqueror?
George Staikos
staikos at kde.org
Sat Oct 8 18:46:47 BST 2005
On Saturday 08 October 2005 13:02, Thiago Macieira wrote:
> George Staikos wrote:
> > They're not hijacking HTTPS. They're hijacking DNS. If the user
> > types "https://www.example.com/", gets the page for the ISP, and
> > doesn't get a warning then there must be a root certificate in the
> > browser that the ISP uses to generate certificates on the fly. I doubt
> > this is happening. I suspect the user is getting a warning.
>
> Even if you generate a certificate on the fly for the asked-for hostname
> (which must come from DNS), it can't be signed by a CA. So you will get a
> warning.
Not if they have "a root certificate in the browser that the ISP uses to
generate certificates on the fly" :-)
> What I'm worried about is the certificate cache start complaining because
> certs changed. You trusted one, but you're now getting another.
People shouldn't be trusting any of these.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kfm-devel
mailing list