|
|
|
|
|
GeoTrust:
Securing Transactions, Identities & Applications in the Global Economy
|
|
|
|
|
|
|
The following example web site spoofs demonstrate the vulnerabilities that exist if First-Generation vetting practices for digital certificates are used in combination with new browser enhancements which bring the certificate Organizational information forward and displayed next to the SSL Lock symbol.
To see these examples within your own browser environment you must have available or install a browser that supports the display of SSL certificate Oranizational information next to the SSL lock symbol. The latest beta release of Opera supports this feature, click here to download Opera 8 Beta 3
Note: *Multiple SSL certificates were able to be obtained for all examples from multiple CA's
Read the Advisory Executive Summary: Click here to view the advisory executive summary
This is an example where a certificate was obtained for an Organization with the name of Chase.
To see this live example for yourself with a browser that supports the display of SSL certificate Organizational information. Opera 8 Beta 3 supports this feature, click here to download the latest Opera 8 Beta 3 here.
Once Opera is installed, use this link to see the site.
https://www.noticall.net
*Multiple SSL certificates were able to be obtained for this example from multiple CA's
|
|
|
This is an example where a certificate was obtained for an Organization with the name of Fleet.
To see this live example for yourself with a browser that supports the display of SSL certificate Organizational information. Opera 8 Beta 3 supports this feature, click here to download the latest Opera 8 Beta 3 here.
Once Opera is installed, use this link to see the site. https://www.noticall.org
*Multiple SSL certificates were able to be obtained for this example from multiple CA's.
|
This is an example where a certificate was obtained for an Organization with the name of Charter One.
To see this live example for yourself with a browser that supports the display of SSL certificate Organizational information. Opera 8 Beta 3 supports this feature, click here to download the latest Opera 8 Beta 3 here.
Once Opera is installed, use this link to see the site. https://www.seasidedetails.com
*Multiple SSL certificates were able to be obtained for this example from multiple CA's.
|
|
|
|
|
|
|
|
|
|
|
|
|
