W3C home > Mailing lists > Public > public-usable-authentication@w3.org > April 2007

RE: DNSSEC indicator

From: Dan Schutzer <dan.schutzer@fstc.org>
Date: Thu, 26 Apr 2007 08:17:50 -0400
To: "'Dick Hardt'" <dick@sxip.com>, <sthomas2@ups.com>
Cc: <public-usable-authentication@w3.org>
Message-ID: <01f801c787fc$e91e3d90$6500a8c0@dschutzer>

That is why you need a safe mode where you can select from a list of
certified sites - then you would never select www.microsOft.com instead of
www.microsoft.com, because www.microsOft.com wouldn't make the list. 

-----Original Message-----
From: public-usable-authentication-request@w3.org
[mailto:public-usable-authentication-request@w3.org] On Behalf Of Dick Hardt
Sent: Thursday, April 26, 2007 8:10 AM
To: sthomas2@ups.com
Cc: public-usable-authentication@w3.org
Subject: Re: DNSSEC indicator

There is unlikely to be a single silver bullet that solves *all* the  
issues. It is useful to know that the client really is connected to  
www.micros0ft.com if that is what the client wants to connect to.

DNSSEC is not going to solve social phishing attacks, but it does  
enable other technology such as CardSpace etc. to have increased  
certainty on what is going on.

-- Dick

On 26-Apr-07, at 1:37 PM, <sthomas2@ups.com> wrote:

> Who "types in" URLs anymore? (The answers of security professionals,
> such as those folks on this list, don't count.)
> If DNSSEC indicates that the client has correctly resolved the domain
> name of, say,
> www.microsOft.com, so what?
> -----Original Message-----
> From: public-usable-authentication-request@w3.org
> [mailto:public-usable-authentication-request@w3.org] On Behalf Of Dan
> Schutzer
> Sent: Thursday, 26 April 2007 6:04 AM
> To: 'Thomas Roessler'; michael.mccormick@wellsfargo.com
> Cc: ses@ll.mit.edu; public-wsc-wg@w3.org; kjell.rydjer@swedbank.se;
> steve@shinkuro.com; public-usable-authentication@w3.org; 'Dan  
> Schutzer'
> Subject: RE: DNSSEC indicator
> [...] it
> indicates that they are at the correct web site (the site belonging to
> the
> url they typed in)
> [...]
Received on Thursday, 26 April 2007 12:18:10 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:53:16 UTC