[cryptography] yet another certificate MITM attack

John Kemp john at jkemp.net
Fri Jan 11 16:55:10 EST 2013


On Jan 11, 2013, at 3:16 PM, Thierry Moreau wrote:

> John Kemp wrote:
>> [...] the _spirit_ of end-to-end semantics is violated here, I believe [...]
> 
> Personally, I am not a spiritual cryptography believer.

For the purposes of HTTPS, you don't have to be; the encryption works as specified. 

Regards,

JohnK

> 
> -- 
> - Thierry Moreau




More information about the cryptography mailing list