RE: how can you verify that the site you get is not a fake?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: RE: how can you verify that the site you get is not a fake?
From: Kenneth Porter <shiva@xxxxxxxxxxxxxxx>
Date: Mon, 06 Jun 2005 03:55:30 -0700
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

--On Sunday, June 05, 2005 10:06 PM -0700 Joel Jaeggli <joelja@xxxxxxxxxxxxxxxxxxxx> wrote:

steal the cert installed on the webserver and use it in conjunction with
some ip based trickery to masquerede as the site in question

I think the OP was also concerned with replay attacks, and it's the second part of this response that's used to prevent that.

I believe there's also a challenge-response component: The client sends something that the remote server encrypts with its private key. The client uses the public key (the cert returned) to decode it and verify that the server possesses the private key.

References:
- RE: how can you verify that the site you get is not a fake?
  - From: bruce
- RE: how can you verify that the site you get is not a fake?
  - From: Joel Jaeggli

Prev by Date: Re: not met ids in logs
Next by Date: Re: DHCP and resolving names on the internal network
Previous by thread: RE: how can you verify that the site you get is not a fake?
Next by thread: Re: how can you verify that the site you get is not a fake?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]