John Marchesini, Sean W. Smith, Meiyuan Zhao. Keyjacking: the surprising insecurity of client-side SSL. Computers & Security, 24(2):109-123, 2005. [doi]
@article{MarchesiniSZ05, title = {Keyjacking: the surprising insecurity of client-side SSL}, author = {John Marchesini and Sean W. Smith and Meiyuan Zhao}, year = {2005}, doi = {10.1016/j.cose.2004.06.014}, url = {http://dx.doi.org/10.1016/j.cose.2004.06.014}, researchr = {https://researchr.org/publication/MarchesiniSZ05}, cites = {0}, citedby = {0}, journal = {Computers & Security}, volume = {24}, number = {2}, pages = {109-123}, }