Sub-Prime PKI: Attacking Extended Validation SSL
0
0 votes
Overview
One of the attributes that the paper discusses is the type of SSL certificate presented by a web server when negotiating a secure connection. Modern web browsers support both Domain Validated (DV) and Extended Validation (EV) SSL certificates. EV SSL certificates were created to combat phishing and other web based spoofing attacks which succeed in spite of the DV SSL model for web site identification. The EV SSL model improves upon the DV model in two ways. First, certificate authorities enforce a more thorough off-line validation process in order to more accurately identify the agent requesting the certificate as the owner of the domain which the certificate is for.
See also: Authentication - Encryption
Related whitepapers
- Data Security Mythbusters: Public Key Infrastructure (PKI)
- PKI and UDDI Based Trust Centre: An Attempt to Improve Web Service Security
- VeriSign PKI-Based Certificates Are Rock Solid: From the Tumultuous Launch of the Integrated Cargo System to Today
- The PKI Authentication System With the Integration of Biometric Identification and Nonsymmetric Key Technology
- VeriSign Enables a Major Satellite Internet Service Provider to Further Promote Security and Affordability
- Exploiting Weaknesses in the MD5 Hash Algorithm to Subvert Security on the Web
- Digital Signatures and the Hidden Costs of PKI
- PKI Based Semi-Fragile Watermark for Visual Content Authentication
- Protecting Biometric Data With Extended Access Control: Securing Biometric Datasets in Electronic Identification Documents
- Extending BAN Logic for Reasoning With Modern PKI-Based Protocols
|
|
|
|
ZDNet Asia Top Tech 50 Index
AT&T- Asustek
- Canon
- Convergys
- Ericsson
- Hewlett-Packard
- Infosys
- LogicaCMG
- NTT
- Samsung
- SingTel Group
- Toshiba
- Xerox
- Accenture
- Atos Origin
- Capgemini
- Dell
- France Telecom
- Hitachi
- Intel
- Microsoft
- Nokia
- Satyam Computer Services
- Sony
- Verizon Communications
- ZTE
The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products
The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power
Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.
Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.
Security Considerations for Cloud-Ready Data Centers - Download the whitepaper!
A network-centric approach to providing security in the data center delivers multiple benefits
IT Salary & Skills Report 2009
Join activeTechPros for free access to the report
- ZDNet.com |
- ZDNet Japan |
- ZDNet.de |
- CNET UK |
- CNET.de |
- Tech Republic |
- BNET |
- MP3.com |
- activeTechPros |
- ZDNet UK |
- ZDNet Korea |
- ZDNet France |
- CNET Australia |
- CNET France |
- Download.com |
- Builder |
- GameSpot
- ZDNet Australia |
- ZDNet Taiwan |
- CNET |
- CNET Taiwan |
- News.com |
- Silicon.com |
- TV.com |
- GameSpot Korea
