RE: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements

To: "Dick Hardt" <dick at sxip.com>
Subject: RE: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements
From: "Hallam-Baker, Phillip" <pbaker at verisign.com>
Date: Tue, 11 Jul 2006 15:11:12 -0700
Cc: Digital Identity Exchange <dix at ietf.org>, ietf-http-auth at lists.osafoundation.org, Sam Hartman <hartmans-ietf at mit.edu>
List-archive: <http://www1.ietf.org/pipermail/dix>
List-help: <mailto:dix-request@ietf.org?subject=help>
List-id: Digital Identity Exchange <dix.ietf.org>
List-post: <mailto:dix@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
Reply-to: Digital Identity Exchange <dix at ietf.org>
Thread-index: AcalNIcKLSVo4LotT1SetO1+IFWl4QAAb/XQ
Thread-topic: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements

> From: Dick Hardt [mailto:dick at sxip.com] 

> Just to clarify, phishers are spoofing Google and Blogger to 
> steal credentials? If so, I stand corrected.

Not in production yet.

However there are malware companies that use blogger for distributing trojans. It is a small step from that to phish credentials of blogger sites and drop hardcore crimeware onto machines that visit.





_______________________________________________
dix mailing list
dix at ietf.org
https://www1.ietf.org/mailman/listinfo/dix

Prev by Date: Re: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements
Next by Date: Re: [dix] Updated phishing requirements draft
Previous by thread: Re: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements
Next by thread: [dix] Volunteers for note takers
Index(es):
- Date
- Thread

RE: [dix] Re: [Ietf-http-auth] Notes on Web authenticationenhancements

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.