> He changed the login form in such a way that he was sent the one-time
> transaction code of the money transfer and displayed a successful
> result by himself from the hijacked web server. The SSL certificate was
> of no use in this case, it even kept the user in wrong confidence.
>
> The SigHTTP would have been a solution for this case.

I disbelieve. All he would've had to do would be to modify the login
form handler instead of the form itself. As you've described it, SigHTTP
does nothing for dynamic content.

> Changing already signed HTML content would have deleted or modified the
> signature and a SigHTTP capable browser or third party tool would have
> been given the chance to alert the user.

So how does the browser distinguish between a page whose signature was
deleted by an attacker and one whose maintainer has stopped using
SigHTTP?

/========================================================\
|John Stracke                    |Principal Engineer     |
|jstracke@incentivesystems.com   |Incentive Systems, Inc.|
|http://www.incentivesystems.com |My opinions are my own.|
|========================================================|
|This space intentionally left blank.                    |
\========================================================/