[Cryptography] So please tell me. Why is my solution wrong?
Joseph Kilcullen
kilcullenj at gmail.com
Mon Feb 13 10:05:37 EST 2017
On 10-Feb-17 6:41 PM, Salz, Rich wrote:
> .....You did not respond to my second point which explained why.
I'm only seeking to solve the most basic counterfeiting of a website. I
view the counterfeiting of a domain as a technical different problem.
Deserving of its own solutions, like the ones you referenced.
Many phishing attacks don't use TLS, so the domain validation stuff is
never utilised. The idea behind my solution is to bully the phishers
into the TLS domain. Users should know to only enter their password into
the login window with the correct image. Phishers won't be able to get
that image up without either hacking your computer or hacking a
certificate authority. I'm actually trying to force the phishers into
the world of TLS, into the nets/snares of the domain validation
solutions and other cool stuff in TLS.
More information about the cryptography
mailing list