A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2005; you can also visit the original URL.
The file type is application/pdf
.
Hardening Web browsers against man-in-the-middle and eavesdropping attacks
2005
Proceedings of the 14th international conference on World Wide Web - WWW '05
Existing Web browsers handle security errors in a manner that often confuses users. In particular, when a user visits a secure site whose certificate the browser cannot verify, the browser typically allows the user to view and install the certificate and connect to the site despite the verification failure. However, few users understand the risk of man-in-the-middle attacks and the principles behind certificate-based authentication. We propose context-sensitive certificate verification (CSCV),
doi:10.1145/1060745.1060817
dblp:conf/www/BrustoloniB05
fatcat:2z2gxjjmcnggbhymagggwc4tyi