Bugtraq mailing list archives
Re: Security certificate negation by content provider
From: Dave Ahmed <da () securityfocus com>
Date: Sat, 25 Aug 2001 13:44:50 -0600 (MDT)
On Sat, 25 Aug 2001, Eddie Chandler wrote:
1) problem description: Content provider realnames.com removes security certificate after padding with its advertising.
Hmm, doesn't look like that is the case. The problem seems to be that the lock doesn't appear in the browser and there is no dialog when one of the inner frame's contents originates from an https server (at least not with my IE security settings). If you view the properties of the order page frame you will see that it is https with a valid certificate. Dave Ahmad Security Focus www.securityfocus.com
Current thread:
- Security certificate negation by content provider Eddie Chandler (Aug 25)
- Re: Security certificate negation by content provider Dave Ahmed (Aug 25)