Re: [TLS] [certid] [secdir] secdir review of draft-saintandre-tls-server-id-check-09

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/22/2010 01:31 PM, ArkanoiD wrote:
> BTW, slightly offtopic here: whenever i connect to gmail.com, i get
> certificate for mail.google.com. But i've yet to see any web browser
> to complain! Where is the magic?

On 09/22/2010 02:37 PM, Marsh Ray wrote:
Hopefully I'm overlooking something simple, but at first glance it would
seem like either of these two conditions are true:

1. Multiple vendors are putting some kind of override table in their
browsers with an entry for gmail.com.
This search
http://mxr.mozilla.org/mozilla1.9.2/search?string=[^%40]gmail.com&regexp=1&hitlimit=&tree=mozilla1.9.2

Doesn't return any hits. That search page is a little tricky though. It kept wanting to change my "^@" to "\0"! :-)
Which suggests that:
2. Browsers are running script from badly authenticated sources.
- Marsh
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]