[cryptography] yet another certificate MITM attack

Jeffrey Walton noloader at gmail.com
Fri Jan 11 14:56:44 EST 2013

On Thu, Jan 10, 2013 at 6:59 PM, Jon Callas <jon at callas.org> wrote:
> Hash: SHA1
> Others have said pretty much the same in this thread; this isn't an MITM attack, it's a proxy browsing service.
> There are a number of "optimized" browsers around. Opera Mini/Mobile, Amazon Silk for the Kindle Fire, and likely others. Lots of old "WAP" proxies did pretty much the same thing. The Nokia one is essentially Opera.
It's funny you bring up WAP. My secure coding guide also has a bullet:

Ensure the application is not using Wireless Application Protocol (WAP
1.x). The protocol specifies a WAP Proxy, which is the Man in the
Middle (MitM). WAP 2.x has its own set of problems.


More information about the cryptography mailing list