Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


Sicherheit 2010 Sicherheit, Schutz und Zuverlässigkeit P-170, 265-276 (2010).

Gesellschaft für Informatik, Bonn
2010


Copyright © Gesellschaft für Informatik, Bonn

Contents

Why showing one TLS certificate is not enough - towards a browser feedback for multiple TLS certificate verifications

Henrich C. Pöhls

Abstract


Content reuse on the Web 2.0 is a common “phenomenon”. However, it has now reached critical and sensitive areas, as for example online shopping's submission forms for credit card data. Browsers lack the ability to show anything else than the outer most's TLS certificate verification to the user. We show that there is a trend to embed security critical content from other site's into a website. We will use VISA's credit card submission form embedded in an