Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

Sicherheit 2010 Sicherheit, Schutz und Zuverlässigkeit P-170, 265-276 (2010).

Gesellschaft für Informatik, Bonn

Copyright © Gesellschaft für Informatik, Bonn


Why showing one TLS certificate is not enough - towards a browser feedback for multiple TLS certificate verifications

Henrich C. Pöhls


Content reuse on the Web 2.0 is a common “phenomenon”. However, it has now reached critical and sensitive areas, as for example online shopping's submission forms for credit card data. Browsers lack the ability to show anything else than the outer most's TLS certificate verification to the user. We show that there is a trend to embed security critical content from other site's into a website. We will use VISA's credit card submission form embedded in an