7 Sep 16:04
Re: Firefox 2.0.x: tracking unsuspecting users using TLS client certificates
Arshad Noor <arshad.noor <at> strongauth.com>
2007-09-07 14:04:53 GMT
2007-09-07 14:04:53 GMT
Alex, Do you presume that the websites in the domains that you intend to track users will install the self-signed CA certificate that issued the client-certificate to the unsuspecting user? If not, how will the browser know which client certificate to send to the website during client-auth? And what happens to the users who do not have have client-certs issued by this CA when they attempt to connect to the site? Arshad Noor StrongAuth, Inc. ----- Original Message ----- From: "Alexander Klink" <a.klink <at> cynops.de> Tracking visitors in an unnoticed way over several domains is typically not as easy as this, I believe.
RSS Feed