- From: Anil Saldhana <Anil.Saldhana@redhat.com>
- Date: Wed, 27 Feb 2008 14:31:46 -0600
- To: michael.mccormick@wellsfargo.com
- CC: public-wsc-wg@w3.org
Interestingly the previous netcraft report was on the usage of EV certs in 2007. Now we have a report on how EV can be a back door to get xss in. michael.mccormick@wellsfargo.com wrote: > http://news.netcraft.com/archives/2008/02/27/extended_validation_certifi > cates_and_xss_considered_harmful.html > > >> Michael McCormick, CISSP >> Lead Security Architect, Information Security Technologies >> Wells Fargo Bank >> "THESE OPINIONS ARE STRICTLY MY OWN AND NOT NECESSARILY THOSE OF WELLS >> FARGO" >> This message may contain confidential and/or privileged information. >> If you are not the addressee or authorized to receive this for the >> addressee, you must not use, copy, disclose, or take any action based >> on this message or any information herein. If you have received this >> message in error, please advise the sender immediately by reply e-mail >> and delete this message. Thank you for your cooperation. >>
Received on Wednesday, 27 February 2008 20:32:12 UTC