Generally described, computing devices and communication networks can be utilized to exchange information. In a common application, a computing device can request content from another computing device via the communication network. For example, a user at a personal computing device can utilize a software browser application, typically referred to as a browser software application, to request a Web page from a server computing device via the Internet. In such embodiments, the user computing device can be referred to as a client computing device and the server computing device can be referred to as a content provider.
With reference to an illustrative example, a requested Web page, or original content, may be associated with a number of additional resources, such as images or videos, that are to be displayed with the Web page. In one specific embodiment, the additional resources of the Web page are identified by a number of embedded resource identifiers, such as uniform resource locators (“URLs”). In turn, software on the client computing devices, such as a browser software application, typically processes embedded resource identifiers to generate requests for the content. Accordingly, in order to satisfy a content request, one or more content providers will generally provide client computing devices data associated with the Web page as well as the data associated with the embedded resources.
Once the client computing device obtains the Web page and associated additional resources, the content may be processed in a number of stages by the software browser application or other client computing device interface. For example, and with reference to the above illustration, the software browser application may parse the Web page to process various HTML layout information and references to associated resources, may identify and process Cascading Style Sheets (“CSS”) information, may process and instantiate various Javascript code associated with the Web page, may construct a native object model to represent one or more components of the Web page, and may calculate various layout and display properties of the processed content for presentation to a user.
When a client computing device establishes a secure channel for communication with a content source, such as an SSL connection for HTTPS transmissions, the client computing device connects with a server at an IP address returned from a DNS lookup. In the case of an SSL connection, the client computing device will participate in an SSL handshake with the server, and receive a digital certificate, signed by a third party certificate authority trusted by the client computing device, identifying the server as being associated with content provider. An error or fraud in the DNS record or digital certificate can expose the information intended for a specific content source to unknown or potentially malicious third parties, even when a secure, encrypted connection is established with the server.